An overview of Fintech Regulations: What you need to know before launching your fintech product

Fintech regulations is a deep subject. If you plan to launch a fintech product or fintech services, its good to have a deep understanding on this. In the previous article in this series, we learned the key insights about the European regulatory compliances like PSD2. To find out more about the subject, you can read our blog article on Payment Service Providers Directive 2 or PSD2: what it means for FinTech businesses. In this article, we will take a look at some of the essential regulatory information that is associated with launching a fintech product in the United States. 

New developments in the financial services industry have garnered widespread attention, especially among the Fintech players in the United States. The players come in myriad forms and sizes, offering their customers a wide array of products and services. Although the U.S. fintech landscape and its regulation are still in their nascent stage, the amount of investments being pooled in the industry is larger than ever.

Global fintech market is expected to grow to a market value of $305 Billion by 2025, with CGAR of 22% over 2020-2025.

The most popular services that are being offered by fintech businesses include payments, online lending, robo-advice, insurance, and other virtual currency financial products that rely on distributed ledger technology. We can also see a growth in regulators that use regtech to help financial institutions achieve effective compliance with regulations. 

Fintech businesses in the U.S. are not obligated to follow a fintech-specific regulatory framework by a particular federal or state regulator. However, based on the nature of their business operations, they are subject to a variety of state and federal licensing requirements, and hence, also subject to laws and regulations at both the federal and state levels.

For instance, FinTech companies that provide financial services to American customers will have to comply with several federal laws that govern their data gathering and sharing practices (such as the Gramm-Leach Bliley Act and the Fair Credit Reporting Act). The CFPB has broad jurisdiction over entities that provide financial services to consumers and FinTech entities offering these services may therefore be subject to the US federal consumer protection laws.

Regulatory bodies 

Fintech products and services can be subject to the overlapping jurisdiction of several regulators such as-

• the Federal Reserve;
• the OCC (Office of the Comptroller of the Currency)
• the Financial Industry Regulatory Authority
• the Federal Financial Institutions Examination Council (FFIEC)
• the CFTC (Commodity Futures Trading Commission)
• the Securities and Exchange Commission (SEC)
• the Financial Crimes Enforcement Network (FinCEN)
• and the Consumer Financial Protection Bureau (CFPB)

At the state level, relevant regulators usually include state banking departments, consumer protection agencies, secretaries of state and state securities commissions.

Laws and regulations

There is a wide variety of regulations that govern fintech institutions. Statutes that govern fintech are generally accompanied by implementing regulations. These statutes and regulations may be associated with the products or services themselves or issues that are related to it. At the federal level, some of the main regulations that need to be taken into account while launching a fintech product include- 

1. Electronic Fund Transfer Act and Regulation E: This refers to a federal law that offers protection to consumers during electronic fund transfer. This includes the use of debit cards, ATMs, and automatic withdrawals from a bank account. EFTA defines the requirements for fintech companies to follow when errors occur. Under EFTA, consumers can challenge errors, get them corrected. Consumers could also receive limited financial penalties under EFTA.
2. Fair Credit Reporting Act and Regulation V: This law regulates the gathering of consumers’ credit information and access to their credit reports. It applies directly only to banks that are members of the Federal Reserve, but, it has indirect bearing on any parties which obtain and use consumer credit information.
3. Expedited Funds Availability Act and Regulation CC: This law is associated with fund availability from consumer and business customers’ deposits in transaction accounts. It also promotes the expedited collection and return of checks and electronic checks. Banks and other financial institutions must inform customers of their policies on deposit holds and policy changes.
   
   
4. Truth-in-Savings Act and Regulation DD: This act was formulated to allow consumers to make better decisions regarding their bank accounts. It is applicable only to accounts opened by individuals, to help them make intelligent decisions about where to open financial accounts.
   
   
5. Truth-in-Lending Act and Regulation Z:  This act offers protection against incorrect and unjust credit billing and credit card practices. According to the act, lenders must be completely open about loan cost information so that consumers will be able to compare different kinds of loans.
6. Graham-Leach-Bliley Act and Regulation P (covering privacy): This act ensures that financial institutions will be open about their information-sharing practices to their customers and to safeguard sensitive data.
7. Securities Act 1933: This act requires that investors receive financial information from securities being offered for public sale.
8. Securities and Exchange Act 1934: This act was passed to govern securities transactions on the secondary market. It is supposed to promote an environment of fairness and investor confidence.
9. Commodities Exchange Act: The commodities exchange act was designed to prevent and remove obstructions on interstate commerce in commodities by regulating transactions on commodity futures exchanges.
10. Equal Credit Opportunity Act and Regulation B: This act bans credit discrimination on the basis of race, color, religion, national origin, sex, marital status, age, etc.

Cybersecurity regulations

Cybersecurity is a key aspect of all online transactions. Several federal and state regulatory authorities have taken initiative in setting standards for fintech organizations with the goal of ensuring maximum cybersecurity. Most organizations that fall under-regulated industries like healthcare, manufacturing, and retail will have to follow sector-specific data security regulations.

Many states in the U.S. will ask companies to enforce data security protection measures in case they have access to personal information about state residents. These laws will ask businesses to deploy security measures that are suitable to the nature of the information involved. The goal here is to protect this personal information from unauthorized access, destruction, use, modification, and disclosure.

There are a few states that have slightly more specific regulations in place. For instance, Massachusetts’ data security regulations implement particular data security standards for computer systems. Massachusetts and Nevada laws also require certain more sensitive personal information to be encrypted when transmitted wirelessly, on portable media, or outside the physical or logical controls of a company.

While launching a fintech product, it is important to consider state statutes as well. These can often include state banking laws like laws governing bank branching, use of video tellers, and ATM placement and usage. Many states also have statutes banning certain unjust and deceptive acts and practices. We can also see separate regulations that govern the use of electronic records in connection with notarized documents and real estate records.

Like in most other countries, U.S. regulatory bodies have taken quite a while to adjust to the major developments attributed to the growing popularity of the fintech industry. It is evident that a wide knowledge gap still exists between regulators and the businesses that come under their jurisdiction. Fortunately, the regulatory landscape is constantly changing for the better. Regulators have started adapting to the fintech sector and have taken an initiative to simplify the byzantine legal framework in order to encourage growth.