Compliance vs. design: What should be the priority for financial services?

By Phil Bindley | 5 October 2017

The financial services sector is one of the most highly regulated industries in the world. Banks, hedge funds, payment services and a wide range of supporting businesses are subject to myriad regulations and legislation, which can differ depending on the territory they are operating in. Adhering to this extensive and complex set of regulations is essential for a business to operate successfully in the financial services industry. Failing to remain compliant can lead to regulators imposing stiff financial penalties, which can be potentially devastating for early stage businesses without a solid financial footing.

Fintech has become one of the most exciting areas of technological development in recent years, with developers creating ground-breaking products and services that are disrupting an industry that has traditionally been reluctant to embrace innovation. With London at its centre, the fintech industry has the potential to offer financial institutions cost effective and innovative solutions to improve their customer service, deliver their services more efficiently and expand their product portfolios to prepare for the digital transformation.

However, there is a challenge at the heart of fintech in that many of the best ideas come from people with an application development background rather than in financial services. The result is that compliance can come second to a great product design. A greater awareness from the very beginning of the financial regulations that exist is valuable and can remove problems before they ever materialise. Financial institutions handle vast quantities of money from market trading, pension funds, personal deposits and other forms of capital. The secure transition of these vital financial assets through the financial system is of paramount importance. IT decision-makers at large financial organisations cannot take the risk of putting the resources and assets of their clients and customers into the hands of a service provider that may not be entirely secure and compliant with the relevant regulations.

It is therefore critical that early stage fintech businesses prioritise compliance throughout the development of their products. Financial institutions demand the highest levels of compliance from any platform that operates within their ecosystem, so to stand a chance of launching a successful product and it being adopted by financial institutions, early stage fintech businesses must focus on compliance.

Many early stage fintech businesses understandably focus their efforts on creating the ultimate customer experience for their products, or developing a full suite of services to make their product as competitive as possible. In many cases compliance is an after-thought, with developers forced to try to adjust their product after it has been completed to make it compliant with the relevant regulations. This can cause a very costly delay in the development of the product and, in some cases, it may even result in the product having to be completely rebuilt. This is not only incredibly damaging for the developers, but also for their investors, who risk diminishing returns if the Fintech businesses they put their money into do not deliver a successful product on time.

Developers need to be aware of the wide variety of regulations that they need to abide by. The highly-regulated financial services sector features several significant regulatory hurdles – such as the European Union’s Revised Payment Services Directive (PSD2), which will force banks to open their data and infrastructure to third party developers, and the Payment Services Regulation 2009, which places strict conditions on any business operating within the payment industry to ensure maximum consumer protection and establishes the maximum processing times for payments in the euro and other EU currencies.

Prioritising their compliance with these regulations can give ultimately give early stage fintech businesses a head start in launching their product on the market. Data centres that not only guarantee UK data sovereignty but conform to the most demanding industry standards play a critical role in helping fintechs to comply with the financial services sector’s strict regulations. Navigating the compliance landscape can be particularly challenging as many fintech businesses, while heavy in technology innovation can benefit massively from service providers that are experienced in delivering technology and cyber security services in the financial services sector. That is why it is crucial that fintechs form partnerships with providers who can offer the relevant experience and expertise to help them overcome these potential obstacles.

It is also not just about financial regulatory compliance but also about data security, ensuring the overlap between compliance and security remains the most important facet of a business's development life cycle.

Security is a fundamental part of compliance. Fintech platforms are playing increasingly important roles in financial organisations’ operations, and any breach in security could be catastrophic for businesses and individuals throughout the financial sector and beyond. It is therefore crucial that every early stage fintech business make security a priority, as part of their approach to compliance. Any financial institution considering adopting a fintech product will, first and foremost, consider the security of that product. Early stage fintech businesses that prioritise security will stand a much better chance of delivering a successful product and building their market share.

Regular assessment of both security and compliance, throughout the Software Development Lifecycle, is critical to helping early stage fintech businesses experience smooth growth as they on-board new customers or receive additional funding. Being able to say that you're confidently in control of your business's compliance and security speaks volumes for any potential customers. If data management processes are compliant with the relevant regulations and legislation, hosted on a dedicated, ultra-secure, managed infrastructure, the risk of business failure due to regulatory and compliance issues is dramatically reduced.

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development