Driven by transformative technologies and millennial thinking, Fintech has gathered significant pace in recent years, with the UK in particular hosting a dynamic Fintech scene. Cloud is an important part of the Fintech story and this has been recognised by the Financial Conduct Authority (FCA), with the regulator extending its blessing to use of cloud computing within the finance sector. While cloud-native Fintechs are able to build and scale their businesses with agility, there are still a number of hurdles that need to be navigated in order to ensure success within this arena.
Both more established Fintech companies as well as startups face many regulatory, privacy and security challenges and a failure to take the appropriate steps to manage and mitigate risk can result in these companies never getting off the ground. With this in mind, how can Fintechs overcome the common stumbling blocks that come with operating in the finance sector and continue to drive innovation?
1. Cloud Concerns
The blend of cloud and Fintech has given rise to an impressive portfolio of new services and products. However, the issue of security is one that still remains at the forefront of the cloud debate, particularly when outsourcing to a third-party Cloud Service Providers (CSP). The FCA is very clear in the guidelines for all financial services and all financially regulated businesses when it comes to understanding their supply chains. The measures set out by the regulator urge these companies to manage the operational risks associated with outsourcing to the cloud by applying due-diligence with regards to IT providers, before committing to work with them, by agreeing a “data residence policy” with the chosen provider.
For Fintechs, it’s crucial that they embrace these guidelines. Doing so will ensure they have a solid understanding of how their data is stored, processed and managed. By way of example, included in the FCA’s guidelines is the ability to request an on-site visit to the relevant premises owned and operated by the CSP.
Additionally, by applying due-diligence and working with a CSP that values security, Fintechs can actually gain a competitive advantage. When bringing new products to market, Fintechs must be able to demonstrate quite clearly that they are providing solutions from a platform that is secure and compliant. Ultimately, without a secure framework in place, people are going to be less likely to want to do business with you.
2. Regulatory Environment
A further challenge when it comes to launching and growing a Fintech company is navigating the complex regulatory landscape. The financial services industry is subject to stringent regulations and there is a vital demand for robust risk management. Fintechs must be able to demonstrate that they understand the security requirements and compliance mandates of all their customers, especially if they want to achieve commercial success.
Therefore, a culture of compliance must be instilled within any Fintech from its inception. Everyone within the business needs to think about what they do on a day-to-day basis, making sure they behave in a way that is beneficial to the company as a whole. Primarily, Fintechs need to convince the regulator that all aspects of their solution is compliant. By implementing a solid framework, centered around, people, processes and procedures, this can be achieved.
3. Data Security
Working in the financial services industry comes with intrinsic data security challenges due to the highly sensitive nature of the data involved. A data breach or a malicious hack has the potential to derail any Fintech business and undermine any existing customer trust, as demonstrated by recent high-profile attacks.
To guarantee that sound data security standards are implemented, measures and guidelines must be constantly updated to keep up with the rapid nature of the developments within the Fintech sector. A good point of reference here is the Payment Card Industry Data Security (PCI DSS) – the proprietary information security standard for companies that handle cardholder data. While this regulation may already be applicable to many Fintech companies, this standard can also be extended to other forms of data to ensure that sensitive information is always protected and handled in the correct way.
Ultimately, data security is a vital ingredient for the success of any Fintech company that wants to compete at the forefront of their industry. If information security is embraced in the development of Fintech products, platforms, and infrastructure, then innovation can be enabled in a controlled way.