Matt and Reggie dive deep into how fintechs should think about regulators and regulation in this episode of the Fintech Layer Cake.
Fintech Layer Cake is presented by Lithic and hosted by Matt Janiga, our general counsel, and Reggie Young, our product counsel and author of the Fintech Law TL;DR newsletter.
Highlights
What are regulations?
Reggie: Regulations are rules of the road that protect customers and markets. Legislators pass laws, and sometimes those laws give powers to regulators to do things like handle licensing or fill in the details that a law didn't cover, or otherwise just make rules about whatever is needed.
Where does legislation/regulations come from?
Reggie: There are few ways, the first of which is uniform law committees. These are groups of lawyers that come together to draft and update prototypical legislation or model laws, as they're known. One of the most common ones is the Uniform Commercial Code, which is a model law about contracts and secure transactions. A second source of legislation is state regulators, who can advocate for their preferred laws.
Matt: And it's also important to call out and not forget about, because it can impact your business, that companies and lobbyists are also another source of changes in laws.
Why should fintech founders and operators care about regulators and regulations?
Reggie: Messing up with regulators can lead to big fines or even end your business. LendUp is a recent example. Regulators took issue with their business practices and ultimately forced the company to stop making loans and shut down.
What are the structures the government can use to drive regulation and oversight?
Matt: That's going to be politicians, other regulators and others. This is effectively what FDSC insurance is. It helps make sure that you stay upright. State insurance laws are also very similar. They're set up to structure, so that way, if there's a problem with that state insurer, consumers who have paid premiums, in some cases for many, many years, aren't left holding the bag and left without protection.
Consumer protection is historically driven by disclosures. And there's some debate, especially as the crypto world is seeing some turbulence right now, about how effective those disclosures can be.
Reggie: There's also securities and commodities regulatory schemes. These are mainly meant to protect investors from fraud and generally make sure the markets are staying healthy on a federal level. The SEC sets requirements for securities registration and disclosure. But states can also have their own securities laws. These are typically called blue sky laws, and fintech startups encounter these regimes pretty quickly, since you generally need to file disclosures whenever you fundraise.
You should talk to a lawyer if you're doing something like building a broker dealer, which is what Robinhood is, or if you're fundraising.
How do you know if you're regulated?
Reggie: First, identify what product you have that might require regulation. Not all products require regulation. Two examples:
- In lending, some states will exempt you if your product is under a certain interest rate threshold or you don't require recourse.
- Another example is in payments. Some states will look at your money transmitter applications and tell you actually aren't regulated. Wisconsin used to do this a lot. Similar states didn't regulate B2B payments products, but those laws have generally changed since, to include them.
Figure out your product, including any disclosures, and identify if you need a state license. Registration is like an RSVP. Licensing is like a contract with the state.
What do you do during your waiting period after filing your application?
Matt: Here's a couple of tips on how to manage your waiting period. One is get organized. You're going to want to keep track of each state and when you last contacted them. Tap somebody internally, make sure you keep a spreadsheet and understand when you're reaching out to them, when the last contact was and where you left off.
Try not to do any complicated business changes when you're in your waiting period, especially with a larger state like New York. This includes changing your name, changes in your officers and directors if you can help it, or changes to your product suite.
What happens if you get mail from a regulator?
Reggie: Don't freak out. Next, figure out what it's about and how serious it is. Is this a routine inquiry? Are they just going on a fishing expedition to explore unfamiliar tech to them? You're going to want to talk to your lawyer, who may also want to reach out to outside counsel as expertise in these sorts of letters.
If you get a letter that's more serious:
- Ask, "Does this regulator even have the authority to ask what they're asking about?" If they don't, then you don't need to engage with them. You want a lawyer to help you figure that out though because you want to make sure you're right on that. Even if they don't have authority, it could still be a good idea to engage thoughtfully
- Negotiate. Point out if an ask is infeasible. It's okay to push back and ask for more time.
- This is a classic lawyer tip. Don't volunteer info about your products or business if it hasn't been specifically asked for.
Check out our post Fintech Regulations and Compliance: State Regulators for more on state regulators.
–
If you liked this episode, subscribe to the podcast on your favorite podcast app and give us a review on iTunes.
About Fintech Layer Cake
Fintech compliance. It can be complicated and overwhelming — even if you've been in the industry for a while. But what if there was a podcast that made learning about it a piece of cake? That's what Fintech Layer Cake is about.
It's hosted by two popular fintech lawyers, Matt Janiga and Reggie Young. In each episode, they use their experience from working at companies like Lithic, Stripe, Square, and BlueVine to break down some of the toughest topics in fintech.
Listen on iTunes, Spotify, or your favorite podcast app.