ARIADNEXT & Identity.TM are now IDnow.Learn more

What is regulation in fintech?

Are fintechs required to comply with regulations? The simple answer is “yes.” Any organization involved in financial services must comply with a variety of regulations. Without regulation, it would be difficult (if not impossible) for fintechs to operate widely in the financial services sector.  

Want to talk to our KYC experts?
Regulatory compliance is a great challenge for various sub-verticals and areas within the fintech space.

Is fintech a regulated industry?

For many years, fintechs were unregulated in many countries as regulators were more focused on traditional banks and banking. Regulations have developed alongside the industry and did not initially fit the new breed of fintechs.

This has changed, and fintechs in most countries are now regulated by main national financial regulators. Regulations have, in many cases, been adapted to cater to fintechs.

The regulation of the fintech industry is more complicated than for financial institutions. Fintechs are typically much smaller but still subject to the same intense regulation. They are also likely to operate across several jurisdictions (possibly from an early stage) and will need to comply with different regulations in each region or country.



Who regulates fintech companies?

In the UK, for example, regulatory compliance for fintechs means complying with the Financial Conduct Authority (FCA) or Prudential Regulation Authority (PRA), and the Proceeds of Crime Act 2002. In the EU, the AMLD regulations (currently implemented up to 6AMLD) are supervised by national regulators, for example, BaFin in Germany through the AML Act (GwG).

Fintechs may also offer services in many different areas (including cryptocurrency and decentralized finance) and, as such, will be more or less affected by AML or other financial regulations. Fintechs with a full banking license (or with an e-money license and planning to scale up), for example, will face much the same regulation as banks.

KYC is a crucial regulatory requirement for fintech companies and other institutions with financial responsibilities.

Why is regulation important for fintechs? 

Regulations have evolved to protect financial institutions, their customers, and the wider economy from financial crime. AML and KYC regulation are frequently updated to reflect changes in fraudulent and criminal methods.

Wherever fintechs operate – whether in financial services, customer verification, or transactions support – they should ensure the same checks and security as the major financial institutions.

Protection and compliance are vital – but there are other reasons for fintechs to comply with regulation:

Regulation establishes trust.
Credibility and trust are vital for any financial-related company, and compliance with regulations helps to establish this.

Regulation creates a level playing field.
When companies operating in the same arena must meet the same requirements and challenges, this supports fair competition.

Compliance helps fintechs scale.
This could include offering new products and services, moving to a full banking license, or expanding into new countries.

Which regulations must fintechs comply with?

Depending on their area of operation, fintechs are affected by several regulations: 

AML & KYC.

AML and KYC regulations have been in place for decades, and are continually updated to reflect developments in criminal and fraudulent methods. 

KYC and AML regulations aim to prevent fraud, Money Laundering, and other financial crime. Every customer (individual or corporate) needs to be verified to ensure they are who they claim to be, and any suspicious activity needs to be identified and reported. 

AMLD regulations.

In the EU, requirements are well defined through AMLD regulations.

The latest updates came in 2020 (5AMLD) and 2021 (6AMLD). 5AMLD introduced a new focus on the sources of finance and the concept of PEP checking and monitoring. 6AMLD focuses on consistent understanding and treatment across the EU. In the UK, AML is controlled largely through the Proceeds of Crime Act and the Electronic Identification and Trust Services for Electronic Transactions Regulations. 

eIDAS regulations.

The European eIDAS regulations (introduced in 2014) govern the use of electronic signatures. In the UK, the 2016 Electronic Identification and Trust Services for Electronic Transactions Regulations does the same. These set the standards for the definition and implementation of different levels of electronic signature (SES, AES, and QES). 

PSD2 regulations.

The Payment Services Directive 2 (PSD2) regulations are EU and UK regulations for electronic payment services. These aim to make payments more secure whilst promoting competition and innovations in the sector. 

Decentralized finance regulations.

Decentralized finance (DeFi) is a growing sector for fintechs and one where regulation still needs to catch up. The use of cryptocurrencies and smart contracts largely avoids current KYC regulations, but regulators are likely to make changes soon and fintechs should stay ahead of this. 



For their growth plans, fintechs must essentially balance between sustainable growth plans and taking on the right amount of regulatory risk.

How do regulations help create a future-proof fintech?

Every business wants to grow. In the financial services sector, compliance with appropriate regulations is important to facilitate expansion. The sooner and more comprehensively a company embraces regulations, the easier future expansion will be.

Complying with specific regulations is necessary for international expansion. As fintechs are often able to operate in different countries and jurisdictions from an early stage, they must comply with a variety of regulations. However, there are certain similarities across countries.

Acquiring new licenses.
As fintechs grow, they will often need new operating licenses. A common journey is from an e-money license to a full banking license, which will attract greater regulatory scrutiny and compliance requirements.

Implementing new technologies.
Expanding into new technology and services is likely to require compliance with additional regulations. Fintechs are often heavy digital adopters, with areas such as artificial intelligence, machine learning, and cryptocurrency. Compliance helps fintechs to rapidly adopt new technologies and methods.

Supports a good user experience.
Getting compliance right is essential for offering a superior customer experience. Customers want robust and secure interactions but also fast and friction-free experiences. A compliant KYC and onboarding process ensures this.

All the important questions on fintech regulations

Does KYC apply to corporate customers as well as individuals? 

Yes. All fintechs and financial institutions must verify the identity (and conduct appropriate ongoing monitoring) for all customers, whether they are individual people, groups, or companies. There are additional checks required for corporate customers. As well as verifying company details, the beneficial owners of the company must also be identified and verified. 

What are the different levels of KYC? 

As part of the Customer Due Diligence (CDD) step, the level of risk posed by each customer should be established. Enhanced Due Diligence (EDD) is used when a customer is determined to pose a higher risk of money laundering or terrorist financing activity. Extra checks must be carried out to fully understand activity, including transaction monitoring, and checking of sanctions lists.  

Is cryptocurrency activity regulated? 

With MiCA, the Travel Rule, and UK’s proposed crypto regime either recently launched, or soon to launch, crypto regulation is here to stay. Crypto firms need to be registered with the appropriate regulator and must conduct KYC checks and CDD.  
Decentralized finance (DeFi) overall needs tighter regulation, though, and this is something fintechs need to be aware of. In a recent report, PWC UK explained how the adoption of growth and adoption of decentralized finance rose by over 6,000% in the year to March 2021. Regulators need to catch up, and PWC suggests that DeFi projects would be wise to engage early with regulators. 

What are the benefits of eKYC? 

Nowadays, most KYC solutions are actually “eKYC.” This refers to the adoption of automation and digitalisation within KYC procedures. eKYC includes video and biometric-based identity verification, digital document verification, and the use of NFC technology. eKYC offers many benefits, including faster, cheaper, and more accurate verification. The customer experience should also be improved through a faster, friction-free experience. The use of such methods usually requires regulatory approval. 

What are the regulatory challenges of fintechs?

One of the main regulatory challenges for fintechs is compliance with KYC (Know Your Customer) and AML (Anti-Money Laundering) regulations. Fintechs are required to comply with these regulations in order to prevent money laundering and terrorist financing.

Another regulatory challenge for fintechs is compliance with geographical restrictions; fintechs operating in multiple jurisdictions need to comply with the regulations of each jurisdiction. This can be a challenge for fintechs as each jurisdiction has its own set of rules and regulations.

The final regulatory challenge for fintechs is compliance with legislative requirements. Fintechs are required to comply with financial legislation, such as the Dodd-Frank Act in the United States and the Basel III Accord in Europe. These legislative requirements can be challenging and costly to comply with.

What is fintech?

Financial technology (fintech) refers to new technology that seeks to improve and automate the delivery and use of financial services, and a company that offers financial services or applications that rely heavily on technology.

Artificial intelligence, Blockchain, Cloud Computing, and Big Data are considered the bedrock and four key areas of fintech that are utilized to provide companies and consumers with better financial operations and processes

Intro to FinCrime

A serious threat to fintechs: Financial crime.

Financial crime refers to the use of financial instruments to illegally gain money or assets. Common examples of financial crime include tax evasion, money laundering, and identity fraud. The cost of financial crime compliance reached $274 billion in 2022.

According to the UN, the cost of money laundering alone is estimated at $800 billion to $2 billion per year. Just in the UK, the National Crime Agency reports over £100 billion of laundered money affecting the economy annually.

By providing access to financial markets, fintechs become exposed to financial crime, and subject to the regulations that prevent them.

As fintechs continue to expand the service offerings and markets they operate in, they will continue to face new and evolving regulations to beat the latest methods of financial crime.

Step up your KYC game

How can we help?

In recent years, fintechs have achieved considerable success due to their ability to launch quickly, and scale and adapt seamlessly and more cost-effectively.

This rapid growth comes with its own regulatory challenges, though. Smaller fintechs now face similar regulations as to large financial institutions, and must therefore stay aware of fastchanging regulations across many different areas of operation.

With increasingly complex regulations and the ever-present risk of fraud, a speedy and secure identity verification service can supercharge your fintech business and streamline operations. Offer your customers the onboarding and user experience they deserve with our fully customizable platform for identity proofing.

Get in touch with us

Our Products

VideoIdent

Digital verification via video-chat, backed by AI-technology. Our AML-compliant solution meets high security requirements.

AutoIdent

Automated, AI-powered identity verification for users all over the world – anytime, anywhere. And AML-compliant.

IDCheck.io

Our automated instant identity verification is based on Artificial Intelligence and Machine Learning. It’s simple, secure, and available anywhere, at any time.

IDCheck.io PVID

Identity verification is in the process of being certified by the ANSSI and complies with the Anti-Money Laundering Directives (AML-CFT) and meets high security requirements.

eID

NFC-based solution for the electronic German identification card. Our identity verification solution with easy data scanning via smartphone. AML-compliant.

Play