Sticking to Your New Year’s Compliance Resolutions

Consumer demand for the latest technological advancements is reshaping how credit unions think about fintechs. This shift is no longer a choice but a necessity to stay competitive. However, partnering with fintechs can create substantial regulatory and compliance challenges that credit unions must adeptly navigate in the new year by making some resolutions.

Balancing Member Preference With Regulatory Compliance

Historically, credit unions have had a mix of curiosity and concern about embracing fintech partnerships. One primary apprehension revolves around the challenge of preserving the personalized, member-focused experience integral to their identity. The shift toward digital solutions, inherent in many fintech offerings, has sparked fears of losing the human touch and community ethos that credit unions value.

However, another primary concern is the evolving regulatory landscape, and credit unions may be apprehensive about ensuring seamless compliance when integrating these technologies. Striking a delicate balance between innovation and adherence to regulatory requirements is paramount as credit unions strive to embrace fintech collaborations without compromising the integrity of their longstanding commitment to regulatory diligence and member protection.

One common misconception is that venturing into fintech necessitates significant new hires and substantial capital and technology investments. In reality, the key lies in the customizability of a third-party oversight program (TPO) tailored to the specific products, services and associated risks. These opportunities span from simple referral programs to the more complex Banking-as-a-service (BaaS) models, each requiring varying degrees of oversight.

Building a Customized TPO Program

A TPO program is the cornerstone of a thriving fintech partnership, particularly from a risk and compliance perspective. To remain compliant and competitive, credit unions must pay significant attention and commitment to crafting a TPO program. What qualifies as an exemplary TPO program at a traditional community bank may not meet the evolving regulatory expectations when it governs an institution offering core products and services through various fintech and digital partners.

While many already incorporate the core elements of a TPO program, those expanding their fintech footprint may encounter additional unaccounted-for risks. Some common yet overlooked compliance risks include reviewing money transmission processes, assessing deposit account setup procedures, evaluating marketing practices, ensuring certain contractual obligations are being met and establishing procedures for regulatory protocols mandated under the Bank Secrecy Act and other regulations.

Proactive Engagement With Regulators

Regulators have been increasingly supportive of credit unions partnering with fintechs, viewing it as an avenue to expand access to financial services for underbanked and credit-invisible individuals. Over the past few years, various regulatory bodies have created offices and issued guidelines to help financial institutions harness data and technology while upholding safety, soundness and consumer protection. The recent Final Rule on Innovation by the NCUA is a perfect example.

To build and maintain a successful relationship with regulators, credit unions should consider the following:

1. Notify regulators of fundamental changes: Whenever a credit union undergoes a fundamental change to its business plan, such as partnering with a fintech firm, it should consider notifying its primary regulator(s). Proactively communicate the compliance implications and regulatory considerations, demonstrating an awareness of the responsibilities involved.

2. Conduct due diligence: Credit unions should conduct thorough due diligence on fintech partners. This includes evaluating their compliance capabilities, performance and the quality of their programs.

3. Involve compliance early: Ensure compliance departments are actively involved in the due diligence process and the ongoing management of fintech relationships. Early involvement can help mitigate compliance issues down the line.

4. Test and adapt: Implement a robust testing and adaptation process, especially in response to changing trends, regulations and enforcement actions. Create clear expectations with fintech partners regarding information sharing and response to exams and complaints.

Now more than ever, it is crucial for credit unions to adapt and embrace fintech partnerships and effectively manage the associated compliance challenges. A customized third-party oversight program, proactive engagement with regulators, and a commitment to identifying and addressing compliance risks are integral to ensuring success with future fintech collaborations. Credit unions sticking to these compliance resolutions in the New Year will successfully position themselves to meet their members’ needs, remain compliant and achieve their organizational goals.

Lauren Sartwell is Director of Regulatory Compliance for the Cincinnati, Ohio-based lending platform and network provider LendKey.