How can Compliance Keep up with Fast-Moving FinTech?

New technologies have revolutionised how we do business, find love, travel and shop. And more recently, the digital age has shaken up the worlds of finance and banking.

But as people move to innovative banking and saving formats, how can regulators protect the public while also providing a level playing field for established banks and new entrants alike?

And how can the new breed of FinTech companies adhere to regulations without being crippled by the administrative overload?

Before we try to answer these questions, let’s define FinTech.

What is FinTech?

In brief, FinTech is the application of new operating models and software solutions to traditional financial services.

In reality, FinTech means many different things. FinTech includes mobile apps, cryptocurrencies, blockchain, peer-to-peer lending and flexible investment platforms. FinTech firms are often new startups founded by technical experts with the skills to bring bold new ideas to life.

While FinTech startups move quickly and attract bright young developers, they may not have the resources and customer base to capitalise on the promise of their inventions. This has led to a number of partnerships (and buyouts) of FinTech startups by established banking giants, meaning that some of the innovators are now underpinned by the very ancestors they sought to disrupt.

The FinTech regulation puzzle

One challenge for FinTech companies is the weight of regulation.

Starting a new financial service company can be immensely challenging, because of the huge number of laws that protect consumers and governments from bad banking practices. While the current regulatory landscape has emerged over many years, giving banks plenty of time to comply, new entrants must meet all the regulatory requirements from day one – something that can become a financial drain when income is minimal.

Consequently, FinTech startups and their supporters advocate for a light-touch approach to regulation so that they can find their feet and bring customers new ways to bank, borrow, invest and save.

On the other side of the coin, regulators want to give FinTech startups the room to grow, while also protecting consumers, corporations and governments from unorthodox financial experiments.

Regulatory sandboxes

One approach to fostering innovation while protecting consumers is to create a regulatory sandbox – essentially an environment for testing new financial products and services under tight control by regulators.

In 2013 the UK’s Financial Conduct Authority (FCA) created a regulatory sandbox for FinTech startups in their London headquarters. This gave startups a chance to develop their ideas without the usual degree of red tape and compliance challenges.

Compliance and FCA training from VinciWorks

VinciWorks provides a wide range of corporate eLearning solutions, including a suite dedicated to compliance and a selection of FCA training modules. Our eLearning can be delivered as off-the-shelf packages, or we can customise the content to suit your organisation.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.