It was not too long ago that investing in the stock market was left to the same people who scheduled meetings on the golf course. Nowadays, the public has the Wall Street capability at their fingertips, with all the bells and whistles and scandals we could have ever wanted – looking at you, r/WallStreetBets.
With the entrance of tech into the finance world, so did the laws that govern it. “FinTech” is an umbrella term that covers each and every technology covering technology, you are probably most exposed to its ever-changing interactions with cryptocurrencies. It is governed on both federal and state levels, and for good reason, over 80% of Americans are actively using digital forms of transactions.
MindK has been working for nearly a dozen years with firms that provide financial services. A main resource we have followed for compliance regulations and data protection laws is GDPR, which has been adopted on an international scale.
Governing control and regulation of Fintech has no where near evolved like technology has. Due to this, states and jurisdictions are all over the place with different local regulations on how you do business. Every place you plan to host or spread your technology needs to be well researched.
On a federal level, these are some of the things we recommend you keep in mind:
- Bank Secrecy Act (BSA) governs Anti-Money Laundering (AML) regulations for FinTech companies. These companies must report all suspicious activities and the acquisition of negotiable instruments (cashier checks and money orders).
- Section 326 of the USA Patriot Act obliges FinTechs to implement Know Your Customer (KYC) procedures. Its Title III obliges FinTechs to implement AML procedures, employ compliance officers for continuous worker training, and assess their KYC/AML programs via third-party audits.
- Know your customer (KYC) demands that FinTech and banking firms have accurate record on who they are dealing with as clients to avoid fraudulent and terrorist funding.
- The Anti-Money Laundering Act of 2020 (AMLA) has among other things amended the BSA to include requirements for FinTechs to develop risk-based programs to prevent money laundering and terrorist funding.
- Fair Credit Reporting Act (FCRA) dictates how financial companies collect consumer credit information.
- Gramm-Leach Bliley Act (GLBA) demands all FinTech companies disclose how they share customer information.
- Securities Act of 1933 regulates Initial Coin Offerings (ICOs) for American FinTechs. A precedent known as the Howey Test shapes the legal status of an ICO subjecting it to the Exchange Act and the Securities Act if it meets the threshold requirements.
- Electronic Fund Transfer Act and CFPB Regulation E govern the sphere of payments, requiring FinTechs to resolve transfer errors within 45 days.
- Truth in Lending Act (TILA) lays out the obligations for credit card holders – defend and enhance credit card disclosures, rate increases, payment allocations, and a reasonable amount of time to make payments.
- Jumpstart Our Business Startups (JOBS) Act requires crowdfunding platforms to register with the FINRA and SEC, setting the maximum fundraising sums and other limitations. If you run a peer-to-peer (P2P) lending website that is a partner of a traditional bank, your site is recognized as a third party and the bank becomes responsible for compliance. Yet, if you sell loans as securities, your platform becomes subject to SEC oversight.
- Truth in Savings Act (TISA) includes FinTech requirements on transparent disclosure of fees and interest rates.
- Electronic Signatures in Global and National Commerce (E-Sign) Act regulates electronic documents and signatures. According to the act, FinTechs are required to supply an option for paper copies, disclosures of electronic documents, and how future electronic contact will be made with the customer.
- Numerous regulators are responsible for oversight of payment-related FinTechs. They include local governments, the National Automated Clearing House Association (NACHA), and the planned Department of Treasury’s FinTech Council.
- There are other consumer protection laws that FinTechs like the Fair Credit Reporting Act, Equal Credit Opportunity Act, and Home Mortgage Disclosure Act.
When it comes down to who is going to enforce (or audit) these compliance regulations on a company, the answer is not so cut and dry. When it comes to taxes, we look to the IRS, but the FinTech enforcers are actually spread through a multitude of governing bodies:
| Regulator | Regulation object |
| Securities and Exchange Commission (SEC) | Oversees the American securities market – securities exchanges, investment advisors, mutual funds, dealers, and brokers. |
| Financial Industry Regulatory Authority (FINRA) | Protects investors. Investment and crowdfunding companies must be registered with FINRA and the SEC |
| Federal Trade Commission (FTC) | Watches for “anticompetitive, unfair, or deceptive” actions by B2C companies as well as oversees privacy and data protection responsibilities. |
| Federal Deposit Insurance Corporation (FDIC) | Oversees the American deposit insurance scheme and regulates banks that aren’t subject to the Federal Reserve System. |
| Consumer Financial Protection Bureau (CFPB) | Regulates B2C financial services and takes actions against deceitful or unfair practices. Consumer’s rights are protected and prioritized. |
| Financial Crimes Enforcement Network (FinCEN) | Administers Anti-Money Laundering (AML) regulations and imposes the terms of AML compliance for financial companies. |
| Office of the Comptroller of the Currency (OCC) | Oversees national banks and accepts applications for special purpose charters from FinTechs that manage deposits, cheques, or engage in lending activities. Companies with the charter have the same compliance requirements as national banks. |
| Commodity Futures Trading Commission (CFTC) | Regulates commodity exchange markets, oversees trading organizations, intermediaries, and similar companies. |
| State legislations | Local regulations vary from state to state. There are some of the attempts being taken at streamlining the complexity of state-level legislation. |
With all this in mind, there is more to note: regulators are continuously introducing new rules on how fin-tech and digital banks conduct business. Public opinion and enrollment in digital banking show promising and growing clientele, but with no Brick-and-Mortar locations, regulators need to evolve their compliance structure to keep firms operating within the law. The FDIC recognizes the possible intimidation that this evolving regulatory space could give business minds, so it recently published a guide: Conducting Due Diligence on Financial Technology Companies. This media piece is one of many webinars and guides being published by regulating bodies to ensure that the Fintech space is safe for consumers, and welcoming for investors.