3 Hot Financial Compliance Issues to Watch Out for in 2018

Financial technology is evolving at light speed, bringing massive innovation across the industry. While this fosters countless opportunities, it brings an equal number of concerns in the world of financial compliance. We identify three financial trends that risk managers must monitor as the penalties, both monetarily and reputational, for non-compliance are too large to ignore.

Issue #1- The Rise of Data Aggregators

Bank customers increasingly utilize ‘apps’ to better understand their financial picture. These ‘data aggregators’ allow a customer to view all their financial accounts on one dashboard instead of separately logging in for credit card balances, mortgage information, savings accounts, bill pay, 401(k), IRAs, etc. Customers allow third-party aggregators access this real-time financial information by voluntarily providing their login credentials at the different institutions.

Popular fintech names like Mint and Personal Capital offer free accounting, budgeting, and investment resources to millions of individuals. You can even ‘Ask Alexa’ for an account balance at Prudential!

But some aggregators are riskier than others. Recently, FINRA, the Financial Industry Regulatory Authority issued a warning on data aggregators citing vulnerability to cyber fraud, unauthorized transactions, and identity theft.1 Also, some sell the shared data to other parties.

Most aggregators are trustworthy, but that doesn’t mean they won’t get hacked and your data compromised by thieves. Once you provide your information to an aggregator, the bank is not liable for any losses that may arise from a data breach or theft. Or are they?

Who Has Liability?

The liability gets tricky when there’s an existing partnership between banks and fintechs. The issue has data security and financial compliance personnel on both sides scrambling to clarify terms of service and disclose all risks. These include the level of encryption on data, the way the data was transferred (scraping or through an API) exactly which the data can be utilized, how long the aggregator will have access to the information and whether they’ll be selling the data to another party.

The true test will come when a major aggregator gets hacked and real money goes missing. Hopefully, adequate safeguards in the operations departments (electronic transfers, DTC and wires, etc.) exist to prevent such a scenario. In the meantime, financial compliance officers must diligently vet aggregators to distinguish the good players from the bad.

Financial institutions should learn a lesson from Facebook‘s data privacy debacle. The social media platform originally allowed applications onto the platform to allow users access to games like Candy Crush and Angry Birds. Before they knew it, there were thousands of apps and Facebook lost track of the data handling. Currently, it’s just a P.R. nightmare for Facebook- but you can expect the fines will be coming soon. And regulators won’t need any reason to levy more penalties on banks for similar transgressions.

Issue #2- Advisory Fees

The combination of the DOL’s fiduciary standard and the proliferation of robo-advisors have put broker fees under serious pressure. Specifically, asset management cost structures are being examined for ‘conflicts of interest’.

The crux of the rule is that financial advisors must put the client’s interest above their own. While this seems obvious, it doesn’t always happen. Regulators want to make sure that planners aren’t selling products clients don’t need and pocketing fat commissions.

In the past, there’s been abuse with some insurance products, especially annuities, which typically carry high sales commissions. In some cases, the products also weren’t suitable for investors. As financial advisors increasingly become dual-licensed to solicit both investment and insurance products, the DOL implemented this standard, even as many finance professionals (notably CFA and CFP charter holders) already upheld the standard through their organizations.

If the strictest form of the standard is adopted, it could mean advisor fines and penalties for breaches. With so many independent RIAs, the onus of compliance is on themselves.

It’s not just individual products that are being examined but the fee structure itself. Clients are questioning their heftier wrap fees (based on assets under management) as their account balances have soared.

While this is a good problem to have, some advisors are ‘closet indexing’ client accounts. This means they are largely replicating the appropriate benchmarks, which could be accomplished with cheaper, passive ETFs that charge just a few basis points (instead of 1-2% fee from an advisor).

Ironically, the AUM model developed from abuses of the old commission-based models of the 1980’s and ‘90s which saw massive abuses from overtrading (‘churning’). If both of these models are being questioned, what is a proper structure?

Every situation is specific, but one idea that’s making a comeback is the performance-based model. Under this structure, advisors only make money when the account value increases above a hurdle mark, often the risk-free rate (i.e. U.S. T-Bill rate). Sounds good, right?

But advisors had better be careful as this could lead to aggressive allocations, especially for conservative investors. Advisors share in all the upside gains, but not the downside losses. If this format sees increased adoption, its one that risk managers will have to examine very carefully.

Every fee structure has its pros and cons but the important thing is that advisors must provide full transparency on all fees while ensuring they’re completely appropriate for the client.

Issue #3- Cryptocurrency Concerns

Now that the froth has come off the bitcoin bubble, banks and brokerages are grappling with how to handle the rash of cryptocurrency activity on a variety of platforms. Brokerage firms are closely monitoring digital coin trading by retail customers while banks curtail purchases of cryptocurrencies via credit cards.

Dozens of digital currencies have been launched in the past year via initial coin offerings or ICOs. They are somewhat similar to stock IPOs, except its coins or “tokens” being sold to investors, not equity. Cryptos operate largely in a gray area in the U.S. The SEC has had difficulty classifying whether digital assets are ‘securities’ which would fall under their regulatory jurisdiction.

Regardless, the SEC has issued concerns about ICOs citing the risk of fraud- warning that retail investors should be wary of these deals.2 There is also the concern of ‘pump and dump’ schemes aimed at novice investors. Financial Compliance officers at both buy-side and sell-side institutions have a decision to make regarding their level of participation with cryptocurrencies-either as principal or agent.

Buying Crypto Currencies Using Credit Cards

Banks that offer credit cards are making the decision loud and clear- they don’t want customers to buy bitcoin with their credit cards. They fear that if crypto prices collapse, customers won’t be able to pay the balance as the collateral evaporates. To deter the practice, many card issuers are either banning purchases altogether or classifying crypto purchases as cash advances and charging exorbitant fees to deter the practice. You may be thinking, “who would actually buy bitcoin with their credit card”? The answer: 1 in 5 bitcoin buyers.3

One thing is becoming quite apparent-the quicker technology and financial innovation changes, the greater the emphasis on security, risk management and compliance areas become. This is a trend not likely to slow.