Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .


Navigating Legal and Compliance Challenges when Starting Out

iStock 1289344016 - Global Banking | Finance

114 - Global Banking | Finance

By Simon Dodds, Of Counsel, Shearman & Sterling

The complexity and uncertainty of law and regulation pose challenges for FinTechs and other startups in the financial services sector. Early stage FinTechs may structure their business to keep outside the relevant regulatory perimeter, but over time many find themselves within it, and subject to some form of regulation. Even outside the regulatory perimeter, certain regulations can apply to those operating in the financial services arena. Uncertainty over the precise scope of regulation creates further challenges. One way or another, most FinTechs need to engage with the regulatory system, which brings with it risks and costs.

In response, startups must:

  • understand the impact of regulation on their business, including those areas of uncertainty;
  • develop an approach for engaging with the regulators;
  • establish legal and compliance functions that define and implement a controls framework that meets regulatory requirements; and 
  • implement a governance structure to ensure effective senior management oversight of regulatory compliance.

Assessing the impact

This can be expensive. Startups, naturally, are focused on developing their business model. Founders, management and funders are focused on financial performance. Funds are limited and the desire is to deploy scarce resources, financial and otherwise, on business generation and growth. Nonetheless, the risks of getting compliance wrong — in terms of regulatory enforcement, financial and other sanctions, and reputational damage – are too great to ignore. Early investment in legal and regulatory compliance, in the necessary people, structures, processes and procedures, is money well spent. 

Legal uncertainty is a recurrent challenge for startups. Business innovation runs ahead of the law. Crypto is one area where companies are creating, distributing and growing products in a new and fast evolving arena. Is the crypto instrument under consideration regulated and, if so, by which agency? Is it a security? Can it be sold to the public? Unsurprisingly, it takes time for lawmakers and regulators to respond, and they respond in different ways in different jurisdictions. In the meantime the gaps need to be filled by interpreting the existing law, as best one can. The UK, EU and US approach crypto regulation differently and startups must be sensitive to uncertainties in the places they operate. A lack of regulation, where it exists, may be useful, giving startups freedom to grow in a regulation-free environment. However, this is likely to be a temporary reprieve. The regulation of crypto is inevitable. The question is simply: when and to what extent.

In response, it is critical for startups to engage with the detail of current law and regulation, to understand its existing scope, the gaps and how law and regulation will likely evolve. Working with internal and external lawyers is the most effective way to address this challenge. Working with the right experts can help startups navigate the areas of uncertainty and find opportunities for business growth. Startups may also want to develop a regulatory affairs capability able to engage with lawmakers and regulators as regulation develops. 

Engaging with the regulators

Startups, crypto or otherwise, will find themselves under increasing regulatory scrutiny as they progress their operations. It is vital to engage, where appropriate, with the regulators in a thoughtful manner. A topical area of concern in the current environment is sanctions compliance. Within the last couple of years, the UK’s Office of Financial Sanctions Implementation has fined FinTechs for violations of sanctions law. The Russia/Ukraine war and related sanctions will likely trigger an increase in enforcement. 

The importance of credible legal and compliance functions

The challenge of compliance with anti-money laundering rules is an area of perennial concern for startups. The UK Financial Conduct Authority has been made responsible for registering for AML purposes entities undertaking crypto-asset activities but which are otherwise not regulated. FCA has been scathing about the poor quality of current compliance.

Operational resilience is therefore a topic of interest for the FCA encompassing, among other things, cyber security. The FCA’s operational resilience requirements, similar to those in the EU, will capture regulated entities. They may also ensnare non-regulated entities providing services to regulated entities. This is one area where startups may be caught even if they have arranged their business to remain outside the regulatory perimeter.

The UK’s introduction of a new “consumer duty” is yet another area where regulatory developments may catch startups even in their early stages, and where compliance processes will need to be sophisticated. The FCA is casting its net widely, potentially to capture all participants in the process of product development and distribution, even if the particular entity does not deal directly with consumers.

This means that, in order to respond to the host of challenges posed by regulatory compliance, startups must develop a robust and effective compliance controls framework. This requires the establishment of standalone legal and compliance functions, staffed by skilled, experienced professionals. It requires the production of policies, processes and procedures across all relevant areas and the training of front office staff. It requires investment in IT systems (often an area of strength for FinTechs) to effect surveillance and similar tasks. Startups must implement governance structures to ensure effective senior management oversight of the compliance controls framework. This will involve a clear articulation of management roles and responsibilities, clarity as to how management should carry out their responsibilities, and a coherent committee structure.

Senior management involvement

The demands outlined are very similar to those expected of much more established financial institutions. Understandably, startups may recoil at the imposition of what feels like a cumbersome bureaucracy, the very antithesis of the small, nimble startup. Such a reaction is understandable but overdone. Startups often plead for the imposition of regulation to be proportionate to their size and maturity, and it may be that regulators show some forbearance. It is important however to work with internal and external legal and compliance advisors to ensure that the compliance framework implemented meets legal requirements without becoming overly complicated or overly dependent on a box ticking exercise. Lawyers can be instrumental in producing an appropriate, effective and efficient compliance framework. The responsibility for having appropriate arrangements ultimately resides with senior management, and is seen by the regulators as resting with them even where they have appointed specialist help. The costs of getting compliance wrong are too great to ignore and are potentially fatal. It is essential that senior managers in startups grapple with the challenges of developing a compliance controls framework that allows them to continue their development and growth journey without significant risk of enforcement. 

About Author:

Simon Dodds is Of Counsel at Shearman & Sterling, and has had a 30 year career as a senior lawyer and compliance officer at Deutsche Bank, including as global General Counsel and Head of Compliance.


Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post