Fintech Risk Management: Fintech regulation as an opportunity
Fintechs are drawing increasing attention—and are at risk of potential disruption—from regulators. How to respond? See five fintech risk management principles that can help ease the disruption that closer regulatory scrutiny may bring.
What’s at risk for fintechs?
As the fintech sector has coalesced and expanded, several internal and external forces have contributed to making it both an exciting and challenging business environment:
Market growth. Customers empowered by broadband and smartphones began demanding faster, easier, and more direct access to financial products and services. Fintechs responded with a combination of vibrant entrepreneurialism and technological and product innovation.
Emerging technology. Technological innovation has led to new business models, new product and service delivery channels, and creative approaches to attracting, interacting with, and gaining the loyalty of customers.
Partnerships and alliances. Fintechs have more recently begun collaborating, whether through joint ventures, alliances, or acquisitions. Such arrangements are providing additional growth opportunities for fintechs while enabling more mature institutions to expand their traditional operations.
Regulatory scrutiny. Early on, fintechs were relatively unhindered by regulatory requirements that bound banks and other financial institutions. But regulators have started articulating their expectations of fintechs.
Combined, these forces are creating an array of potential fintech risk management requirements, which can have impacts in four broad areas:
Potential impacts for fintechs
As these risks become more apparent and increase with the growth of a fintech company, existing risk management programs inclusive of compliance—if they exist—will likely need to be revisited or expanded.
Effective risk management can be a revenue enabler. The success of those programs in rapidly changing regulatory and business environments will become increasingly important, as they are already for traditional financial services companies.
there is Five principles of effective fintech risk management
So if a company doesn’t have some form of risk management program in place or if an existing program is rudimentary in scope and design, where can it begin? Here are five basic principles of effective risk management:
Tone at the top. It’s imperative for a company’s board of directors and executive management to understand the organization’s critical processes, internal controls, and mitigation plans and to spearhead the creation of an organizational structure and culture in which “risk appetite” is both understood and adhered to.
An end-to-end perspective with strong focus on risk-based actions. It’s important to define and document a risk framework that aligns with the regulatory and operational risks identified through a formal enterprise risk assessment. Once the framework is established and regulatory risk processes and programs are in place, periodic testing should be performed for risk identification and control mitigation.
Effective incentives. With clear risk tolerances established and communicated throughout the organization by the board, management, and risk committee, employees at all levels should be empowered to step forward if they have risk-related concerns.
Risk management baked into new products. As new products and services are developed across the organization, and as new relationships with outside parties are formed, all the dimensions of risk should be considered and incorporated.
Accountability. Stakeholders across the organization, inclusive of revenue producing and non-revenue producing support staff, should be responsible for adhering to established risk tolerances.