Frenemies – The Tenuous Relationship Between Financial Institutions and Fintechs

Introduction

Consumers are demanding new and faster ways to complete their transactions, whether in-store or online. While traditional financial institutions (FIs) have historically driven changes in payments and transaction methodologies, over the last decade, smaller more nimble technology-driven companies (often start-ups) have risen to meet those demands. These companies—known as Fintechs—are disrupting the traditional FIs’ hold on the payments landscape.

Fintechs and Financial Institution - Frenemies

Financial institutions often view Fintechs less than favorably because of this disruption. They also understand, however, that the Fintechs often fulfill a need that their own product offerings cannot. Fintechs often design innovations that deliver a customer experience the FIs find difficult to offer, for example. Or they develop technological advancements that FIs do not have the rights, skill of platforms to build. Sometimes the difference is the inability get products to market quickly. Fintechs, which often offer niche products, can adapt quickly to customer needs, changing business environments and evolving technology. Often FIs find they must offer Fintech-developed products and services to meet customer demands. Access to these technologies is often not just a perk, it is a matter of survival.

Likewise, Fintechs in many instances need FIs because they lack the funding, distribution channels and scale necessary to achieve their goals. Also, many Fintechs do not offer the financial service themselves, but provide a means to enhance the financial service to customers. Their relationship with the FI is not optional—it’s fundamental. Although they are often at odds, Fintechs and FIs recognize that a healthy relationship between them is an increasingly important piece of the payments ecosystem and ultimately, will benefit them both.

Forging the Partnership

Although relationships between FIs and Fintechs often take the form of acquisitions or investments, this article focuses on the strategic contractual partnership between these entities. These arrangements can take many forms—from licenses of the Fintech’s technology that allow the FI to build an in-house solution, to “as a service” or cloud-based offerings, to outsourcing. Regardless of the form, the parties must agree upon a set of terms and conditions that define the relationship. 

Every relationship between a Fintech and a FI is different, based a variety of factors, including: the nature of the product or service; demand for the product or service; compliance requirements; the Fintech’s need for a distribution channel; the requirement of a cash infusion, etc. These factors will have significant effect on negotiating leverage. For example, a well-funded Fintech with a product in high demand may have significant leverage over a large FI that desperately needs the product to maintain its market position. Alternatively, a large FI that views the Fintech product as optional may be able to dictate terms to a cash-strapped Fintech.

Cultural differences may also play a significant role in negotiations and the long-term relationship. Traditional FIs can be measured by their speed, approach, decision-making processes, and interpretation on compliance and regulatory matters. Fintechs, on the other hand, tend to be quick, nimble, require fewer decision-makers. They can be less structured in their compliance and regulatory processes. Overcoming these differences can be critical in getting to contract and maintaining a successful relationship.

The following are key provisions in any agreement between an FI and a Fintech. The relative importance of any of these provisions depends on the nature of the product or service offered by the Fintech and the overall relationship of the parties.

Scope of Work/SLAs: Every agreement, regardless of its nature (e.g., vendor relationship, platform provider, etc.), requires a detailed description of the of the work involved such that the parties understand their respective rights and obligations. In addition, if the relationship involves the delivery of services, the parties should agree upon objective standards of performance (i.e., service levels). Included in any service level regime should be an enforcement strategy like credits to ensure that the service level standards are being met. Further, to the extent that the relationship involves the exchange of products, appropriate product warranties should be included.

Implementation: Whether the engagement involves products or services, the parties must agree upon the parameters for implementation, which include the cost, timing, responsibilities (on both sides), dedicated personnel, deliverables and ramifications for failing to meet deadlines. The implementation stage of any relationship is often a critical failure point in a relationship. Although one may consider the relative immaturity of the Fintech’s organization as a threat to implementation, the nimbleness with which the Fintech can operate is often an advantage. Mature FIs, however, are often laden with process, which tends to slow down the implementation. Given these dynamics, Fintechs may consider protecting themselves against cost overruns they may incur as a result of the FIs’ inability to meet their implementation obligations in accordance with deadlines.

License/Ownership of IP: Both parties care a lot about Intellectual property rights. Fintechs often view the intellectual property that supports their product/service as the primary value of their company, and accordingly tend to use maximum effort to protect it. FIs often demand some degree of exclusive rights in the intellectual property created in the course of the relationship. The amount of leverage a party has often dictates how this tension is resolved. While a Fintech would rarely grant the FI ownership rights in its IP absent an acquisition or significant investment, one with little leverage may be forced to grant the FI limited exclusive rights over created IP for a short time. The Fintech must be careful, however, that any such exclusivity does not preclude it from offering similar solutions to other customers. 

Compliance: In a highly regulated industry, financial services companies must comply with the requirements of their regulators. Most FIs are extremely sensitive to these requirements. Fintechs, while understanding the need for compliance, often view the compliance obligation as primarily the FI’s. Regardless of whether the Fintech is regulated, in order for its product or service to be viable, it must attempt to meet the FI’s compliance needs. Those that do not may have fewer options in the marketplace. In negotiating these terms the FI will typically want the Fintech to represent that its product or service will always be compliant with all laws and regulations, while the Fintech will attempt to narrow its compliance obligations to laws and regulations that apply only to it. The correct result is somewhere in the middle. Reaching the middle-ground, however, is often difficult and the outcome can depend on leverage.

Data Use and Restrictions: The right to use the data born from the relationship is typically important to both parties. Usually each party wants full use of the data and to exclude the other from using it in certain ways. Regardless of how the parties divide data-use rights, the following restrictions are usually included in these agreements: (1) if any personally identifiable information is exchanged, the party receiving such data must agree to be compliant with all applicable data protection laws and all PCI requirements; (2) data may only be used in accordance with a party’s rights under the agreement, only shared with third parties in accordance with confidentiality restrictions, and subject to encryption and anonymization protocols that do not allow identification of the parties; and (3) the limitation of liability provisions should not restrict a party from recovering remediation damages associated with data breaches (e.g., customer notifications, credit monitoring, etc.), and data breaches should include some level of increased liability.

Governance: Because FIs and Fintechs tend to be culturally different, a formal governance structure is crucial. Although the relationship and nature of the transaction should dictate the scope and extent of the governance structure, it should always be designed to create effective and efficient communications between the parties and to mitigate disputes that arise.

Audit Rights: FIs will likely demand the right to audit certain aspects of the Fintech, including fees, security, compliance with agreement, etc. Although the Fintech likely will have to undergo audits for the FI to meet its compliance obligations, it should attempt to limit their frequency and scope, and the FI’s rights to access certain areas of the Fintech’s facilities during the audits. 

Limitation of Liability: Limitations on liability provisions are sensitive for young Fintechs. Unless tempered, one incident could wipe out the company entirely. From the FI’s perspective, the risk associated with the Fintech’s product or service may be disproportionate to the revenues under the contract. They accordingly won’t view revenues as an appropriate measure. Liability limitations often pose a serious contractual and risk problem for the parties. There are no shortcuts around this problem—each party will need to understand its risk tolerance in trying to reach a resolution.

This discussion merely scratches the surface on the number of terms essential to a good Fintech/FI agreement, and each term discussed has many different layers. The cultural and business objective differences between the parties can make it difficult to easily reach an agreement. Yet, in a marketplace where each side needs the other, common sense contracting will be necessary to form lasting relationships.

 Chris Ford is from the law firm of Ballard Spahr