How to launch a Fintech product in alliance with compliance

In this article, Samir Azizov, CFO at Global Financial Innovations, cover how to launch a Fintech product under compliance and regulation, including where to start and what to pay attention to as well.

6 min read
Share on

For the last decade, the financial technology sector has been growing rapidly and continuously, producing unicorns such as Stripe, Checkout.com, Brex, Revolut, and many more worldwide. According to the latest research, publicly traded fintechs had a market capitalisation of $550 billion, showing 200% growth since 2019. Offering a wide range of products and services has revolutionised the traditional financial market, making it more accessible, flexible, and easy to use. Yet, the financial market puts a lot of pressure on the fintechs and their teams, especially regarding regulation.

Banking, credit cards, insurance, money transfer, consumer protection, and privacy are all subject to regulatory authorities. Even those B2B fintechs who develop software or provide services to other fintechs must be compliant and stay up to date with a wide range of regulations and rules. A product manager, who plays the most crucial role in product development, needs to be aware of all the compliance that the product is under and ensure that the proper measures are implemented to meet the requirements.

The first step that a product manager should take is to evaluate the regulations that their product falls under. The bad news is that many of them vary within industries and across countries. Noncompliance can lead to fines, not obtaining or even losing a licence, and potential damages to the company’s reputation (losing the trust of customers, investors, and other stakeholders). The good news is that with the right approach to the regulations, using them to lead you in the right direction and mitigate risks will ensure that your product is risk averse, safe for users, and competitive in the market. We’ll review the main regulations the product team should consider and measures to take before launching.

All fintech companies offering financial products should obtain a licence in their regions of operation. For example, UK’s Financial Conduct Authority (FCA), The Federal Financial Supervisory Authority in Germany, the Federal Deposit Insurance Corporation (FDIC) in the US, etc. Getting a licence is a crucial step in starting a company: without it, the business can’t operate. Depending on the operational specifics and market niche, it will be a banking, payment institution, or crypto licence.

Of course, obtaining a licence is not the task of a product manager. This is where a compliance expert or legal counsel is helpful. However, the regulator and a Sponsor Bank partner (the bank providing the banking licence) will need documents with a clear product development vision for due diligence and compliance programs.

The product team will work on compliance policies and procedures documents with the overall vision and detailed information on how the product will be built, function, and interact with users, and evolve in compliance with regulations over time. It will include roles and responsibilities, maintenance processes, and crisis management (such as user data leakage).

Next, the product team should be presented with the compliance policies and procedures. Everyone on the product development team, from engineers to marketing and sales, should understand compliance, requirements, product implementation, consequences of non-compliance, and crisis response measures. For example, while the legal team gives recommendations, the engineering team implements all compliance rules, and UX/UI design ensures that the interfaces are built to be compliant. Marketing and sales promote the product right to the market.

At Global Financial Innovations, it took us at least six months to prepare everything to apply for a licence. During this time, a cross-functional team was working on various documents and procedures, making sure the business would be compliant with the conduct regulator in the UK.

Data privacy and protection will be crucial for the product team while developing a fintech product. Besides some basic client info that every business might possess while assessing users, fintechs hold sensitive financial information. Non-compliance and data leakage will cost the business hefty fines.

An information security program and user data policies should be implemented to mitigate risks. The product team will ensure that users’ vulnerable data is secured by building safe interfaces, websites, and applications, creating and documenting processes around releasing code, and monitoring access to sensitive information within the team. Data policies should be transparent and easily accessible for users through the interface and by request.

It’s where every member of the product team will be involved, from website cookies management to client contracts. The product manager’s role is to ensure that the cross-functional team pays attention to compliance. On top of that, both information security programs and user data policies should be updated and reviewed regularly, including vulnerability and penetration scans.

For instance, Global Financial Innovations provides all the details about our personal data compliance policies on our website. Our team also makes sure that they have read all the policies, and terms and conditions, where we describe in detail how data is protected by the company. In turn, we use secure servers, frequent password changes, and external audits of the security system.

At the same time, while ensuring user data is secure, the fintechs are also responsible for monitoring any suspicious financial user activity and reporting it to regulatory authorities. Two requirements are essential: Know Your Customer (KYC) and customer due diligence (CDD). Why are they important? Like other financial industries, fintechs may deal with crimes such as money laundering or fraud. Noncompliance with the regulations can lead to severe sanctions, such as fines and disciplinary action.

Policies and templates should be developed for the UX/UI, engineering, marketing, and customer support teams. Their role will be to ensure that users or clients are real people and that they provide the business with genuine information. This includes submission forms, due diligence calls, and other security measures. There are many tools on the market that can be helpful. We’re actively using third-party tools to verify new clients, as well as to monitor transactions.

Next, attention should be paid to the partners that the product engages with. A partner information process will include some basic requirements, such as ensuring that the partners offering financial products are certified, informing the partner about compliance with the product, and being ready to undergo potential audits or mandatory reporting.

The product team will play a crucial role in ensuring product compliance. Yet, it’s important to underline that it’s not only the product team's responsibility but that of the whole company. Collaboration with the compliance team is essential, and the product manager's responsibility will be facilitating communication between cross-functional teams and the legal team. They will speak different languages - of technology, law, and commerce - and the product manager needs to be a mediator between them. That’s why understanding the basics of compliance and having at least a high-level view of it will be a crucial skill of any fintech product manager.

Explore more great product management content by exploring our Content A-Z