Читать книгу The FINTECH Book - Chishti Susanne - Страница 18

By Jan C. Wendenburg

Member, Executive Board, XCOMpetence AG

We love great FinTechs, like PayPal, Apple Pay, and Stripe. We love to see them rise. We love using them. But we would all dump them within a second if they were to fail – fail to be trusted, fail to be secure, or fail to comply with local financial regulations. Compliance with legal financial regulations is not optional, but mandatory. It is mandatory for each FinTech to build a secure, trustworthy service, regardless of geography and legislation. Almost every nation has its own individual financial regulation based on its distinct culture, financial system, and historical experiences.

If you have launched your FinTech company but disregarded compliance for your service, you may well be shut down by supervisory authorities, resulting in potential reputational damage and associated costs needed to rectify them. If you over-comply with regulations, you will not move forward fast enough and be ousted by the competition. Are there any shortcuts to compliance?

FinTechs Must Understand Each Local Regulatory Stack!

If you want to bypass industry incumbents, you must understand the rules of the game. While FinTechs are trying to bypass major players, they cannot begin attacking them unless they understand the regulatory landscape and quickly learn how to use regulation and legal specialties to their advantage.

A key rule is that you should never try to bypass regulation. It’s much better to embrace it as a core function of your organization. If you take care of regulation and compliance from the start, you will be in a stronger position from the very beginning instead of having to play catch up. It’s like customer acquisition: it pays big dividends down the line. Think twice about what your organization does and how you intend to structure your compliance. Do you really see regulation and compliance as part of your organization, your life, and the DNA of your start-up? What are you doing today regarding regulatory compliance? Do you know how financial regulation works throughout the most important regions around the world?

The United States: A Single Market with Complex, Multi-level Regulations

Let us first take a look at financial regulation in the United States, which is highly fragmented compared to European and Asian countries, where most jurisdictions have only one bank regulator. In the US, banking is regulated at both the federal and the state level. Depending on the type of charter a banking organization has, and on its organizational structure, it may be subject to numerous federal and state banking regulations.

This structure makes life complex for FinTechs in the United States. For example, if you want to provide investment management and advice, like Wealthfront in Palo Alto, CA, you will have to specify first which state law may apply to a particular client. Beyond that, you will not be allowed to serve international clients, unless you implement international anti-money laundering procedures and handle cross-border tax issues properly. As a result it may be easier to open international offices within other countries instead and serve local clients within the regulatory framework.

If you want to launch something in the lending space, like Lending Club in San Francisco, CA, you will have your marketplace of lenders and investors at the bottom. On top of that, in increasing order of difficulty and market breadth, you will have US state-level legislators, then US federal regulators, NASAA, then the Securities Exchange Commission (SEC). Once you succeed here, and want to serve European lenders and investors, you will have to open European or Asian offices and must follow their local regulations.

Europe: Still Complex but with Some Harmonized Regulations

In 2014 Europe implemented the Single Supervisory Mechanism (SSM), which is intended to harmonize the different national financial regulations within the 27 European member states. Within each country, a National Competent Authority (NCA) supervises national banks and financial service providers. If you want to expand into other European countries, you will have to work with the local NCAs and their respective regulations, i.e. in the UK the Prudential Regulation Authority (PRA), which oversees about 1,700 banks and financial service providers, and in France the Autorité de contrôle prudentiel et de résolution (ACPR), both based on a similar regulatory and legal stack as Germany.

Asia: Remains Very Fragmented

Going to Asia, you may want to focus only on China and India – the rest of Asia is very fragmented and mainly focuses on what the two major Asian countries are doing. China’s financial system is highly regulated and has recently started to liberalize itself as China’s financial policy becomes more significant to its overall economic strategy. As a result, banks and financial service providers are becoming more important to China’s economy by providing increasing amounts of finance to enterprises for investment, seeking deposits, and lending money to the government. The People’s Bank of China is the largest bank in China and acts as the Treasury. It also issues currency, monitors money supply, regulates monetary organizations, and formulates monetary policy for the State Council. The Bank of China manages foreign exchange transactions and foreign exchange reserves. The China Development Bank distributes foreign capital from a variety of sources, and the China International Trust and Investment Corporation (CITIC), previously a financial organization that smoothed the inflow of foreign funds, is now a full-fledged bank, allowed to compete for foreign investment funds with the Bank of China. The China Construction Bank lends funds for capital construction projects from the state budget, and finally the Agricultural Bank of China functions as a lending and deposit-taking institution for the agricultural sector.

By the end of 2014, the Chinese government had adopted new regulations requiring 75 % of all technology products used by Chinese financial institutions to be classified as “secure and controllable” by 2019. This means suppliers and service providers will be forced to turn over their secret source code to Chinese auditors to enable invasive governmental audits to detect back doors into hardware and software. This rule applies to all financial institutions and their suppliers providing financial services in China, making competition pretty hard for foreign companies.

In India the regulation and supervision of the financial system has a complex multi-level architecture undertaken by different regulatory authorities. The Reserve Bank of India (RBI) regulates and supervises the major part of the financial system. The supervisory role of the RBI covers commercial banks, urban co-operative banks (UCBs), some financial institutions, and non-banking finance companies (NBFCs). Regional Rural Banks, the co-operative banks, and housing finance companies are supervised by the National Housing Bank (NHB). Through the Department of Company Affairs (DCA), the Government of India regulates deposit-taking activities of corporates, other than NBFCs. The Indian capital market, mutual funds, and other capital market intermediaries are regulated by the Securities and Exchange Board of India (SEBI); the Insurance Regulatory and Development Authority (IRDA) regulates the insurance sector; and the Pension Funds Regulatory and Development Authority (PFRDA) regulates pension funds.

In 2011 only about 35 % of Indians over the age of 15 held an account at a formal financial institution.29 After a failed initiative to connect each household with a bank account, the ADHAR initiative issued 770 unique identities (UID), a cornerstone for easy mobile SIM card registration and mobile money. Promoted by the PMJDY campaign, today about 99.7 % of households are connected to a bank account. Driven by this huge success, the Indian RBI committee started to accept applications from companies for a specialized banking licence – a payment-only bank licence, subject to regulatory scrutiny and clearance, it was granted to first applicants in late 2015.

Payment Services are Globally Regulated

Adding payment services to your portfolio will trigger another set of strict regulations. To prevent money laundering, payment services in general, including P2P, P2B, and B2B services, are heavily regulated by governments almost everywhere. The FATF (Financial Action Task Force on Money Laundering), an international joint organization of more than 34 member countries located at the global OECD offices in Belgium, issued in 2012 a comprehensive framework against money laundering and the financing of terrorism. This internationally accepted framework has been converted into very specific national money transfer regulations, which are essential when operating an international or global money transfer or payment service.

Europe implemented the Directive on Payment Services (PSD), to provide the legal framework for the creation of an EU-wide single market for payments. The PSD, recently updated to PSD2, aims to establish a modern and comprehensive set of rules applicable to all payment services in the European Union. The target is to make cross-border payments as easy, efficient, and secure as “national” payments within a Member State. The PSD also seeks to improve competition by opening up payment markets to new entrants, thus fostering greater efficiency and cost reduction. At the same time, the Directive provides the necessary legal platform for the Single Euro Payments Area (SEPA).

In the US, on 26 January 2015 the Federal Reserve System issued the federal “Strategies for Improving the U.S. Payment System”, which represents a multi-faceted plan for collaborating with payment system stakeholders including large and small businesses, emerging payments firms, card networks, payment processors, consumers, and financial institutions to enhance the speed, safety and efficiency of the US payment system. This document includes multi-level regulations and comments to ISO 20022 to improve the efficiency and security of national and cross-border payments.

Local and Global Compliance – Make, Buy, or Partner?

Each FinTech, each service, each level, and each geography has its own set of rules and you must implement a strategy for how you might use regulation to your advantage at every stage of your FinTech’s expansion and development. The way you manage the process at each stage will have substantial implications for later stages. You may need to exchange a suboptimal customer experience or fast growth, for example, to gain regulatory approval en route to providing a better customer experience and faster growth later.

Even something as simple as regulation in a specific geography must be carefully considered. For example, where you choose to base your start-up is one of the most important decisions that you will make. There may be local, national, and international laws that can support (or damage) your business model and it is up to you to find them. Global examples of problems abound, like Uber entering a market regardless of legal and industry-specific regulations, resulting in many regulatory and union challenges at a local level in several countries and cities around the world. Others, like PayPal, first carefully investigated the regulatory ecosystem in each region, launched a very basic “ebay payment service”, and then expanded into other areas, i.e. P2P payments, after knowing exactly how to comply with each regulation for each service in each jurisdiction. Having a revenue stream originating in the jurisdiction also helped.

If you have got multi-million or billion-dollar funding for a global business, you may have the funds to buy any advice that you may need from local or global consultant firms. For FinTech start-ups, it might not be a bad idea partnering with medium-sized, flexible local bank heroes, and be guided by some experienced experts. Throughout all geographies (China is a more complex story), there are some great and powerful banks specializing in FinTech backbone services, e.g. Barclays (UK), biw-Bank & Fidor (Germany), mBank (Poland), Santander (Spain), Toronto-Domion (Canada), Westpac Banking Corp. (Australia), and many others. For a fee they will take care of much of the relevant regulatory stuff so that you can concentrate on your core business.

Regardless of any purchased advice or great partnership, please keep in mind that you will never be able to outsource or delegate regulatory compliance. If compliance becomes part of your company, your life, and your DNA, it will be one of your key success factors.

29

Source: The World Bank; See also Raymond Zhong, “India Launches Program Giving Poor Access to Bank Accounts”, The Wall Street Journal, 28 April 2014, available at http://www.wsj.com/articles/india-government-launches-program-giving-poor-access-to-bank-accounts-1409234530.