FinTech Licensing vs White-Label?
Pursuing your own licenses in 2023-2024 will take even longer for a number of factors, therefore, the dependency on your White-Label partners will increase. Success in FinTech Compliance in 2023 and beyond will depend on your ability to satisfy your White-Label partners and keep your costs low.
Why securing your own licenses during 2023-2024 will take extremely long:
- FTX fallout will increase regulatory scrutiny around all VASPs.
- Many card-issuing FinTech and BNPLs will crumble and may collapse similar to crypto players because their business models cannot survive under the current interest rates with higher inflation and consumer credit defaults under the horizon. This domino effect among non-crypto FinTechs will slow down the issuance of EMI and PI licenses.
- Most regulators are already overloaded with VASP applications (some regulators such as Singapore MAS and UK FCA reported around 500-1000 applicants in waiting)… chances are – they don’t want to quickly approve all of them, given what’s going on in the crypto industry right now.
- The introduction of MICA will flood all European regulators with applicants who would need to be re-certified.
White-label partners tend to be more conservative than regulators and tend to introduce their own requirements that are above the regulatory minimum. Your ability to satisfy the compliance requirements of your banks and white-label partners at the lowest possible cost will likely determine the future of your business.
The majority of FinTech CEOs or founders know that they overspend on compliance. They agree to hire too many people and purchase too many tools because they have been led to view compliance as a static exhaustive checklist of requirements and things to do. They take all requirements as granted.
When I introduce the concept of “just in time” as opposed to the traditional “just in case” compliance, they are excited because they hope that it would be possible to do less and achieve better compliance.
But here is the catch: since there is no long checklist of 100% compliance, there is also no short list of minimum viable compliance.
Why do many founders still believe that there must be some minimal level of acceptable compliance that can be implemented in one week and will allow them to survive for a while? Usually, this minimum list is given by your White-Label partner.
Your time horizon is limited to closing one specific partnership or completing one audit. You are preparing yourself to throw away all these efforts and re-do your compliance completely when the next fire hits. In many cases, you will be firefighting to pass the next audit or to satisfy the demands of your next banking partner without any strategy or long-term planning. It will cost you more and take longer because you are trying to find your way out of a labyrinth without a map or compass.
The biggest problem with this approach of externally-forced compliance is that you won’t be able to reuse it because it is driven by external demands. You are just building something with the sole purpose of “not getting caught” today. Your next partner, next auditor, or next regulator can come in and kill everything you did thus far, and you will be back at compliance “square one” and face the necessity to invest in compliance again.
The difference between this firefighting and “just in time” compliance is that “just in time” compliance structure and requirements come from your internal risk assessment where use the legal guidance to justify why you need or don’t need certain processes or tools or controls or people.
Just in Time Compliance is a way to pragmatically accept risks and use a regulatory framework to support your decisions. Since this process is internally referenced to your specific risks and your business model, it can withstand almost any external inspections.
Now you can probably realize why just-in-time compliance is much more efficient than firefighting and implementing something a random 3rd party told you to build because you are risking that your next partner, next auditor, or next regulator can come in and kill everything you did before.
Let’s still address the next big elephant in the room.
You may be thinking: “But my auditors told me to implement these processes” or “BIG4 advisors reviewed our plan and told us what to do” or “we would not be accepted by this bank, unless we agreed to implement everything they told us.”
Yes, it’s true. There are always a lot of people who think they know what you should do. Including your and my grandmothers.
But…
I hear it over and over again from my clients during their audits and regulatory inspections:
“Last year we did exactly the same process, the auditors told us to do XYZ, and we followed their recommendation. Why suddenly this year this is no longer sufficient or compliant?”
I am sure, you can relate because the problem with relying on any authority figure (including our grandmothers) is that they are forgetful, inconsistent, and can change their mind any time, and your business is not really their problem so they don’t actually fully understand it. But you are the one paying for costly mistakes, unnecessary processes, and lost opportunities.
If you don’t know why you did something last year or whether or not you should do the same thing this year because you have not yet built your own “just in time” pragmatic risk acceptance framework, you are wasting your time and money. Big time.
We all know the unfortunate statistics. Very few FinTech startups keep growing, secure licenses and partnerships they want, and are loved and praised by their customers… while most other startups struggle and run out of money.
Revolut, Binance, and Crypto.com got away with murder countless times (for now)… They are subject to the same regulations, as many other FinTechs, and they face the same competition…
And what do you think will happen to your business if you keep investing in compliance processes, while customer acquisition costs and the costs of onboarding and maintaining your customers get more expensive day by day?
How much longer can you sustain investing in compliance processes and compliance team expansion and following the old-fashioned advice that you need to be on the “safe side” and be “fully compliant” and “get ready” for audits and inspections, when you know, that it is not going to be sustainable and that everyone advising you to spend money on better compliance is not really looking at your business costs or competitive threats and does not have any financial skin in the game.
“Just in time” or “agile” approach to compliance is the fastest and most efficient way to scale your FinTech, launch innovative products, and keep customers happy, while at the same time meeting all relevant regulatory requirements.
What does it actually mean?
Most laws and regulations about compliance are actually open-ended and allow multiple alternatives. It comes down to how to define and mitigate your risks and make a case for how you want to organize your compliance. You should not try avoiding risk because trying to avoid risks will mean you will find more risks that you need to avoid.
For the longest time, banking industry veterans have been saying that financial companies survive and grow by avoiding risks because from their perspective avoiding risks equals avoiding losses and keeping customers’ money safe.
However, this might be the worst possible advice in the financial industry. Amazon, PayPal, Revolut, Crypto.com, Monzo, Kraken or Coinbase, and the majority of other FinTech unicorns have a common history of early losses, aggressive growth strategies, and a very selective and creative approach to compliance and regulations.
You have heard the expression “what does not kill you will make you stronger” and this is exactly the risk-management strategy used by many successful fast-growing unicorns: they rarely over-invest in regulatory projects or prepare for unlikely adverse scenarios until such time when it’s certain that they absolutely need to act and it’s clear what needs to be done.
Still don’t believe me?
Where do you think is the biggest FinTech cost and the time spent? – It’s the cost of customer acquisition and resources spent doing redundant reviews, maintaining inactive accounts, and handling false positive alerts. All of this happens because you hired too many compliance people and introduced “just in case” processes before you actually needed them, you triggered some of the compliance checks for your customers too early in the customer journey or for the wrong categories of customers.
Well, I’m glad we are on the same page now.
By now, you have probably realized that the most efficient way to cut costs and grow your FinTech business is to do the right things at the right time, and instead of avoiding risks, all you need to avoid is unnecessary investments of time in money into projects, people, processes and tools that you don’t yet need.
So, who do you secure White Label Partnerships and satisfy their due diligence and continue pursuing your own licensing at the lowest possible costs?
If you are building your compliance based on just in time principle, you can achieve all of these goals without building different sets of compliance processes and without overinvesting in projects or things you don’t need.
It does not mean, you should stop applying for your own licenses. It just means you have to plan 24 months instead of 12 to get there. and to use White Label solutions in the interim.
White-Label partnerships will continue to be the easiest and most common strategy to launch new FinTech projects, and your success will depend on your ability to balance your costs and efforts between satisfying your White-Label partners while pursuing your own licensing.
Which is why I’d like to invite you to a workshop on FinTech Licensing versus White Label: Pros and Cons.