ABA Banking Journal
No Result
View All Result
  • Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Newsbytes
  • Podcasts
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Podcast Archive
    • Sponsored Content Archive
SUBSCRIBE
ABA Banking Journal
  • Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Newsbytes
  • Podcasts
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Podcast Archive
    • Sponsored Content Archive
No Result
View All Result
No Result
View All Result
ADVERTISEMENT
Home Compliance and Risk

Banks’ pursuit of fintech partnerships requires optimizing change management

September 22, 2022
Reading Time: 5 mins read
Banks’ pursuit of fintech partnerships requires optimizing change management

“The crux of the issue is that ultimately the bank has to have a strong oversight and management system.”

By John Hintze

Banks’ measured and controlled approach to adopting new products and services is being tested now as they aggressively pursue partnerships with nonbank fintech companies—all as regulators step up their scrutiny.

Nearly two-thirds of banks and credit unions had entered into at least one fintech partnership over the previous three years and 35 percent invested in a fintech firm, reports a 2021 survey by Cornerstone Advisors. And of those that hadn’t yet partnered or invested, respectively 37 percent and 18 percent planned to do so in 2022.

The Consumer Financial Protection Bureau has taken notice. In April, it invoked authority under the Dodd-Frank Act to examine nonbank companies posing risks to consumers, including fintech firms, and it issued a procedural rule to make its process to determine entities’ riskiness more transparent. In December, it requested information from major buy-now-pay-later, or BNPL, firms, an early step in proposing regulations.

In short, the CFPB has stepped up its oversight of fintech firms, and so must banks must be spot on with oversight of these relationships as well, noted participants in a session about building a compliance risk management framework for fintech partnerships at ABA’s recent Regulatory Compliance Conference.

That oversight starts with fintech onboarding, which requires upfront due diligence similar to onboarding any high-risk vendor and implementing an ongoing monitoring process. Consumer financial service providers must be especially vigilant, session participants said, regarding UDAAP and fair lending regulations. And banks must ensure fintech partners understand and observe them.

Some upfront testing—before inking a partnership—may be necessary, says Chris Lucas, chief compliance officer at MVB Bank, pointing to customer complaints as particularly relevant. Given that fintech firms are not examined and are often startups, bankers must be sure that these companies that directly contact customers have the ability to capture complaints, and the bank and fintech “stack hands” on how complaints are defined and the risk they pose.

“And you want a good flow of those complaints, on at least a monthly basis, for the bank’s own analysis,” Lucas says.

Juan Azel, chief compliance officer and deputy general counsel at Cross River Bank, which serves many fintech firms as a banking as a service provider, adds that banks must view fintech vendors as a delivery channel and ultimately take responsibility for the product.

“Whether it’s BNPL, crypto or whatever product, it’s ultimately the bank’s,” Azel says And it is important to convey that message not only to the bank’s management and board but also to regulators. “The crux of the issue is that ultimately the bank has to have a strong oversight and management system.”

When considering a new relationship with fintech firms, banks should also consider reputational risk, especially if the fintech firm has faced penalties before, and whether the fintech has a compliance management system in place. An early-stage fintech firm’s CMS may be wanting, requiring the bank to establish a baseline for what is required and even help the fintech establish key components, such as a compliance staff, training and risk assessment.

“Once they’ve established that baseline, the bank can come back and do a phase-two due diligence,” Lucas says.

Banks deploy compliance management systems focused on their traditional bank businesses, including branches, commercial real estate and small business loans, and they must decide whether a separate CMS is appropriate for fintech partnerships and the accompanying rules and guidance from banking regulators to manage third-party risk. To make that decision, Azel says, a bank can look at its current products and services and prepare a feasibility analysis and perhaps an obligations register to determine which laws and regulations are applicable as a bank as well as providing products and services through a fintech firm.

“Are you going to have individuals monitoring and testing just the bank-side products and others monitoring third-party partners and those products and services?” asks Azel. “You can double your [compliance department] size pretty quickly.”

Both MVB and Cross River decided to merge the functions into one group. Azel said that Cross River created a team of analysts called CMS Support that reviews complaints received by the bank and the fintech firms and liaisons with the compliance professionals on either side to identify trends, resolutions, or whatever is necessary.

MVB’s CMS sits over and monitors its traditional and fintech partnerships, viewing the latter as “essentially another business line,” Lucas says.

He adds that his compliance team has subject matter experts dedicated to the fintech activities as well as a dedicated “risk onboarding team” that he described as a “jack of all trades in terms of risk disciplines,” covering compliance, operations, anti-money launching, fraud and other risks.

“One CMS works much more seamlessly from a governance and reporting perspective,” he says, noting the importance of providing senior management and the bank’s board as well as regulators with the “whole risk spectrum.”

Fintech firms’ innovative and ever-changing ideas can rub against the grain of how some banks are used to working. A fintech firm’s product may change soon after the bank onboards it, for example. That requires the bank to have a change management process, Azel notes, and perhaps also a formal change request process similar to Cross River’s that defines material changes and establishes a review process. In some cases, he says, the obligations register may clarify that the bank simply can’t currently offer the new product.

ADVERTISEMENT

“It triggers a readiness or feasibility gap analysis for what the bank needs in terms of resourcing, policies and procedures, and controls to be able to offer that product through that specific platform,” he said.

Lucas points out that key to balancing fintechs’ speed and banks’ more methodical approach is wrapping governance around the change-management processes. MVB, for example, has a committee that oversees the bank’s new products and services process, and any fintech firm requests for product changes or to launch a new product runs through that committee.

“We work with the fintech to make sure they understand what they need to do,” Lucas said. “Then we track the build out on the bank and the fintech sides and report up through the appropriate reporting channel.”

Governance smooths the change-management process, and employing dedicated personnel is another lubricant. Lucas also points to “playbooks” that the bank builds out with the fintech early in the relationship to detail the steps in the process. “So we’re operating with speed, but we’re not abandoning our existing compliance and control infrastructure,” he says.

Azel agreed that a playbook to deal with UDAAP concerns because BNPL fintechs, for example, are not only marketing on their own web pages but entering into agreements with multiple merchants, and they may be unfamiliar with UDAAP or the Trust in Lending Act’s Reg Z requirements. A playbook can stipulate how they can advertise their products and the types of terms to use or not.

Monitoring playbook compliance can be difficult, Azel acknowledges, but it is important to emphasize that if the fintech wants to go outside the playbook, “We need to review and consent to the marketing sheet before it can do that.“

John Hintze is a frequent contributor to ABA Risk and Compliance.

Tags: FintechsVendor relations
ShareTweetPin

Related Posts

FBI: Crypto-related fraud losses increased 45% in 2023

Justice Department seizes millions of dollars linked to alleged crypto investment scams

Compliance and Risk
June 20, 2025

The Department of Justice announced it has seized $225.3 million in funds linked to cryptocurrency investment scams. The action marks the largest cryptocurrency seizure in Secret Service history.

ABA urges FinCEN to reevaluate BOI collection burden on banks

FinCEN releases figures on BSA filings

Compliance and Risk
June 20, 2025

Financial institutions filed 4.7 million suspicious activity reports in fiscal year 2024. They filed 20.5 million currency transaction reports during the same time frame.

FinCEN to propose new rules on money laundering, whistleblower program

Treasury official outlines principles for Bank Secrecy Act modernization

Compliance and Risk
June 18, 2025

The Treasury Department is exploring ways to streamline the filing process for suspicious activity reports and currency transaction reports as part of a broader effort to modernize BSA enforcement, Deputy Secretary of the Treasury Michael Faulkender said.

ABA suggests splitting proposal to expand Fedwire, NSS operating hours

FATF releases revisions to international standard for payment transparency

Compliance and Risk
June 18, 2025

FAFT announced several revisions to its recommendation on payments transparency, which it said will enhance the safety and security of cross-border payments to better detect financial crime.

Senate Democrats seek proposals for regulatory changes following recent bank closures

Stablecoin bill clears Senate

Newsbytes
June 17, 2025

The Senate voted in favor of legislation to establish a regulatory framework for payment stablecoins, with proposed amendments to establish routing mandates and interest rate caps for credit cards left out of the final bill.

BAFT releases report on best practices, guidance for ISO 20022 migration

CFPB to delay small-business lending data collection compliance dates

Compliance and Risk
June 17, 2025

The CFPB will issue an interim final rule today to push back by roughly a year the compliance dates for its small-business data collection requirements, according to a filing in the Federal Register.

NEWSBYTES

ABA DataBank: Planned/announced office conversions spike

June 20, 2025

OCC releases mortgage performance report for Q1 2025

June 20, 2025

Justice Department seizes millions of dollars linked to alleged crypto investment scams

June 20, 2025

SPONSORED CONTENT

AI Compliance and Regulation: What Financial Institutions Need to Know

Unlocking Deposit Growth: How Financial Institutions Can Activate Data for Precision Cross-Sell

June 1, 2025
Choosing the Right Account Opening Platform: 10 Key Considerations for Long-Term Success

Choosing the Right Account Opening Platform: 10 Key Considerations for Long-Term Success

April 25, 2025
Outsourcing: Getting to Go/No-Go

Outsourcing: Getting to Go/No-Go

April 5, 2025
Six Payments Trends Driving the Future of Transactions

Six Payments Trends Driving the Future of Transactions

March 15, 2025

PODCASTS

Podcast: Staying close to clients amid tariff-driven volatility

June 18, 2025

Podcast: Old National’s Jim Ryan on the things that really matter

June 12, 2025

Podcast: What bankers need to know about ‘First Amendment audits’

June 5, 2025
ADVERTISEMENT

American Bankers Association
1333 New Hampshire Ave NW
Washington, DC 20036
1-800-BANKERS (800-226-5377)
www.aba.com
About ABA
Privacy Policy
Contact ABA

ABA Banking Journal
About ABA Banking Journal
Media Kit
Advertising
Subscribe

© 2025 American Bankers Association. All rights reserved.

No Result
View All Result
  • Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Newsbytes
  • Podcasts
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Podcast Archive
    • Sponsored Content Archive

© 2025 American Bankers Association. All rights reserved.