Regulatory and business challenges to fintech M&A

White & Case LLP
Contact

White & Case LLP

Fintech's wealth of opportunities is attracting interest—yet the uncertainty of its future direction means the financial services industry needs to tread carefully.

As exciting as the growth of fintech has been over the past decade, and as powerful an enabler as its technology has proven to be for service providers and customers, the space has inevitably encountered the growing pains that come with rapid expansion. Cyber security, investment risk and regulation are among the main issues that fintech has been grappling with as it has increased in size and become more influential in financial services.

59% do not think fintechs should be subject to tighter regulation

Source: White & Case fintech M&A survey 2016

For example, banks and regulators have expressed concerns about the safety of customer data held by banks being made available to third-party fintech providers for use on their apps. New York's Department of Financial Services has gone so far as to request input from other regulators on the issue. There is a lack of clarity on whether customers will be reimbursed by the Federal Deposit Insurance Scheme (FDIC) if data is hacked from a third-party app. 

On the question of investment risk, meanwhile, huge drops in company valuations such as Lending Club in the U.S., the demise of UK mobile payments company Powa and the failure of high-profile crowd-funded companies such as Rebus and Zano have given investors reason to pause. Further, differing regulatory approaches to fintech across key jurisdictions have also been a challenge.

31%

highlight lack of regulatory clarity/responsibility as the main regulatory issue

Source: White & Case fintech M&A survey 2016

26%

find data protection a challenging regulatory issue in fintech

Source: White & Case fintech M&A survey 2016

Regulation in fintech

Developing an appropriate regulatory framework for fintech is no easy task for financial services watchdogs.

Existing financial regulatory frameworks are ill-equipped to oversee dynamic and rapidly changing fintech companies, but at the same time need to ensure that customers are protected and that there is a level regulatory playing field for fintech business and financial services companies that are already regulated. There is a delicate balance to be struck between robust regulation and fostering innovation.

"Regulation is a big challenge when technology is moving so quickly and developing across so many different jurisdictions. It is difficult to read where regulation is going and what it will look like in the future," a European banker says. "Once that picture becomes clearer, it will be to the benefit of the industry and will encourage more investment."

As it stands, fintech regulation differs markedly from jurisdiction to jurisdiction. In the UK, the Financial Conduct Authority (FCA) has been very supportive of fintech, laying on significant support for startups going through the regulatory process for the first time. The FCA has also set up a "regulatory sandbox", which allows unauthorised firms to obtain restricted authorisation to test innovative products or services in a live environment. It also assists authorised firms in a number of ways to test innovative products or services that may not easily fit into the existing regulatory framework.

"Regulatory innovation is as important as technological innovation if fintech is to continue progressing," says Alastair Lukies, chairman of Innovate Finance, an independent not-for-profit membership organisation serving the global fintech community. "This is also a new area for financial regulators, but there is a recognition that they can afford to be open to innovation without losing control."

Some jurisdictions are not as amenable, however. BaFin in Germany, although supportive of fintech, has been more cautious and reluctant to offer special arrangements for innovative fintech firms. On its website, BaFin notes that, "The challenge… is not to stifle innovation through excessively strict regulation on the one hand, while at the same time preventing these innovations from voiding the supervisory principles on the other, since [fintech firms] do not operate in a vacuum. Their business models also need to be in line with the regulatory requirements and consumer protection."

There is less clarity in the U.S., the world's largest fintech market. It's difficult to identify which of the many federal and state regulators should monitor the sector, and how to get them to work together. The Office of the Comptroller of the Currency (OCC) is currently undertaking an initiative in order to "improve how the OCC evaluates innovative products, services, and processes that require regulatory approval and identifies potential risks associated with them."

As for which regulatory or compliance issues respondents find most challenging, data protection tops the list (26 per cent), while 14 per cent identify consumer protection as the key challenge. Elsewhere, 12 per cent say intellectual property (IP) issues are particularly challenging. Twenty-five per cent identify other areas including money laundering and capital controls (Figure 19).


View full image

Data is a central and valuable asset for many fintech companies. This means that data protection is becoming an increasingly prominent issue as more and more information about customers, businesses and other stakeholders is stored online—indeed, more than a quarter of respondents cited data protection as their main regulatory and compliance challenge.

Failure to comply with data protection regulation can prove costly in the fintech space in both financial and reputational terms. Online payment startup Dwolla, for example, was fined in March 2016 by the Consumer Financial Protection Bureau for allegedly misrepresenting how it protected the data of its customers.

In the UK, these issues are only going to become more pronounced as the industry becomes more reliant on the free flow of data.

In August 2016, for example, the Competition and Markets Authority told the largest retail banks in the UK that they must develop and adopt an open application programming interface (API) banking standard in order to enable customers to share their data with third-party app developers and competitors within the next two years in order to help customers find better deals.

Striking a balance between the need to be more open with data and the need to keep data secure is likely to be a major challenge in the fintech sector for the foreseeable future. Data protection is only likely to become more serious. The General Data Protection Regulation (GDPR) enters into full force on 25 May 2018 and brings with it maximum fines of up to €20 million or 4 per cent of worldwide turnover—whichever is greater.

Existing regulatory frameworks are ill-equipped to oversee dynamic and rapidly changing fintech companies, but at the same time need to ensure that customers are protected

Assessing and calculating the unknown

Evaluating the risks associated with fintech assets and the values of such assets is a major concern. Fintech companies rely heavily on intangible assets such as software, databases, data, know-how and business methods. More than half of respondents (54 per cent) feel that doing due diligence on such assets is one of the top three biggest challenges to fintech deals (Figure 20).


View full image

Working out who owns the intellectual property rights or other rights in such assets is, for instance, usually complex and often requires rather extensive fact-finding exercises. It can also be difficult to assess the risks related to such assets, including potential open-source software issues, the danger that the rights in such assets will be infringed by third parties, or the risk that their use infringes third-party rights.

In addition, because fintech companies are so reliant on technology, it is likely that patent trolls will increasingly target them with the aim of extracting money through forced licensing arrangements by threatening to enforce patents primarily obtained for that aim. Establishing the value of intangible assets—which typically represent a large portion of the overall value of a fintech company—is another big challenge. For example, accurately vetting the growth potential of fintech startups that may not even be profitable at the time of acquisition can seem like a shot in the dark.

To read the full report, please click here.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© White & Case LLP | Attorney Advertising

Written by:

White & Case LLP
Contact
more
less

White & Case LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.