To remain competitive with larger banks in the current market, community banks must deliver the innovative, technology-driven tools customers have come to expect. For many community banks, the most effective strategy is to partner with financial technology (“fintech”) providers. These partnerships give banks access to cutting-edge technologies, specialized expertise and cost efficiencies that would be difficult to achieve independently. But thorough due diligence is essential to achieve optimal results.
Common fintech collaborations
Banks are collaborating with fintech providers to develop a variety of customer offerings, including:
- Digital account opening,
- Digital loan origination,
- Person-to-person payments,
- Mobile wallets for contactless payments,
- Remote deposits,
- Personal financial management tools, and
- Security, identity and fraud prevention technology.
Embracing digital tools not only helps community banks retain existing customers who seek convenience, it also expands their geographic footprints, allowing them to attract new customers.
Due diligence considerations
When conducting due diligence on prospective fintech partners, the specific steps you take depend on the type of technology provided, the nature of the relationship and the level of risk to the bank. When developing your due diligence strategy, consult the federal banking agencies’ Interagency Guidance on Third-Party Relationships: Risk Management. This 2023 publication outlines sound risk-management principles for banks when contemplating relationships with fintech companies and other providers.
Another valuable tool is the agencies’ publication, Conducting Due Diligence on Financial Technology Companies: A Guide for Community Banks. It outlines the topics banks should consider when conducting due diligence on a fintech provider. Examples include:
Business experience and qualifications. Does the fintech provider have the ability to conduct the contracted activities “in a manner that enables a community bank to comply with regulatory requirements and meet customer needs”? Among other things, consider client references and complaints as well as any legal or regulatory actions against the fintech company.
Business strategies and plans. Will the fintech company’s strategies or planned initiatives affect or impede their implementation of the activities?
Qualifications and backgrounds of directors and company principals. Does the company have the requisite staff and expertise to handle the activities?
Financial condition. Does the fintech have the financial capacity to provide the contracted activities, remain a going concern and fulfill its obligations to the bank? You should understand the company’s funding sources, including cash flow from the business, loans, capital injections, venture capital or planned public offerings.
Market information. Consider the fintech company’s competitive environment, its reliance on a few key clients and its susceptibility to geopolitical events or other external risks.
Legal and regulatory compliance. Review the company’s organizational documents, licenses, charters or registrations, as well as its risk and compliance processes. In particular, evaluate the fintech company’s ability to support the bank’s privacy, consumer protection, fair lending, anti-money-laundering, and any other legal or regulatory obligations.
Other considerations include the fintech company’s risk management and control processes, information security program and business continuity plans. Also scrutinize proposed service-level agreements to ensure they meet expectations.
A win-win situation
Federal banking regulators have high expectations for banks when it comes to third-party risk management. To ensure the best possible results as your bank explores potential fintech solutions, it’s critical to have robust due diligence in place to manage the risks associated with third-party relationships.
