Phil Bindley, Managing Director at The Bunker, explains why early stage Fintech businesses must focus on compliance and security throughout their develop, if they are to create successful, profitable products.
The financial services industry features a complex ecosystem of large institutions, smaller supporting businesses and boutique organisations that are all governed by strict and intricate regulations and legislation. These organisations face a significant obstacle to remain in compliance with these regulations, and those that violate them may find that they receive significant penalties from regulators who, following the financial crash of 2008, are keen to reinforce good conduct within the industry. It is therefore critical that any business operating within the financial services industry prioritises compliance, making it a fundamental part of business operations and product development.
In recent years the financial services industry has been increasingly subject to disruption from innovative Fintech businesses, with developers creating innovative products and services that can offer financial institutions a ream of benefits. Better customer service, more efficient delivery of services and an expansion of product portfolios are just some of the advantages that financial institutions, which have traditionally been reluctant to embrace innovation, can expect to achieve from the Fintech revolution.
However, Fintech faces a challenge in that many of the best ideas come from people with a background in application development rather than in financial services. The result is that great product design is often prioritised over compliance. A greater awareness of the financial regulations from the very beginning can help to avoid issues before they ever materialise. Financial institutions handle vast quantities of money from market trading, pension funds, personal deposits and other forms of capital. It is critical that these vital financial assets can transition through the financial with absolute security. Large financial organisations cannot take the risk of putting the resources and assets of their clients and customers into the hands of a service provider that may not be entirely secure and compliant with the relevant regulations.
Early stage Fintech businesses must therefore prioritise compliance throughout the Software Development Lifecycle. Any platform that operates within the ecosystem of large financial institutions must feature the highest levels of compliance, so for an early stage Fintech business to stand a chance of launching a successful product and it being adopted within the finance industry, it must focus on compliance.
Many early stage Fintech businesses understandably focus their efforts on creating the ultimate customer experience for their products, or developing a full suite of services to make their product as competitive as possible. In many cases compliance is an after-thought, with developers forced to try to adjust their product after it has been completed to make it compliant with the relevant regulations. This can cause a very costly delay in the development of the product and, in some cases, it may even result in the product having to be completely rebuilt. This is not only incredibly damaging for the developers, but also for their investors, who risk diminishing returns if the Fintech businesses they put their money into do not deliver a successful product on time.
Developers need to be aware of the wide variety of regulations that they need to abide by. The highly-regulated financial services sector features several significant regulatory hurdles – such as the European Union’s Revised Payment Services Directive (PSD2), which will force banks to open their data and infrastructure to third party developers, and the Payment Services Regulation 2009, which places strict conditions on any business operating within the payment industry to ensure maximum consumer protection and establishes the maximum processing times for payments in the euro and other EU currencies.
Prioritising their compliance with these regulations can give ultimately give early stage Fintech businesses a head start in launching their product on the market. Data centres that not only guarantee UK data sovereignty but conform to the most demanding industry standards play a critical role in helping Fintechs to comply with the financial services sector’s strict regulations. Navigating the compliance landscape can be particularly challenging as many Fintech businesses, while heavy in technology innovation can benefit massively from service providers that are experienced in delivering technology and cyber security services in the financial services sector. That is why it is crucial that Fintechsform partnerships with providers who can offer the relevant experience and expertise to help them overcome these potential obstacles.
It is also not just about financial regulatory compliance but also about data security, ensuring the overlap between compliance and security remains the most important facet of a business’s development life cycle.
Security is a fundamental part of compliance. Fintech platforms are playing increasingly important roles in financial organisations’ operations, and any breach in security could be catastrophic for businesses and individuals throughout the financial sector and beyond. It is therefore crucial that every early stage Fintech business make security a priority, as part of their approach to compliance. Any financial institution considering adopting a fintech product will, first and foremost, consider the security of that product. Early stage Fintech businesses that prioritise security will stand a much better chance of delivering a successful product and building their market share.
Regular assessment of both security and compliance, throughout the Software Development Lifecycle, is critical to helping early stage Fintech businesses experience smooth growth as they on-board new customers or receive additional funding. Being able to say that you’re confidently in control of your business’s compliance and security speaks volumes for any potential customers. If data management processes are compliant with the relevant regulations and legislation, hosted on a dedicated, ultra-secure, managed infrastructure, the risk of business failure due to regulatory and compliance issues is dramatically reduced.