In the past edition of Embedded Finance Review, I shared a link to the website of the UK regulator FCA that stated that British banking-as-a-service provider Modulr will not onboard any new agent or distributor unless the FCA approves it.
This week, we are getting a bit more input on the story in Sifted’s article. It is important to highlight that the restriction is UK-only (EU business is not affected) and that Modulr can still onboard ‘normal’ customers, i.e., a fintech company that wants to launch a consumer or SME-focused fintech product. The current restrictions are only affecting Modulr’s ability to onboard new agents or distributors. In simple words, an agent or distributor is an unregulated company (similar to the fintech company above), but instead of serving directly to a consumer or SME, an agent or distributor is selling to another company, which then sells these services to a consumer or SME. Basically, adding another ‘B’ to the value chain (i.e., B2B2B2C instead of B2B2C).
If you have (a bit of) experience with fintech-as-a-service, you will know that the intersection of a regulated and unregulated entity is the area where the biggest problems arise. In German we have this term of ‘predetermined breaking point’, and while nobody wants such a breaking point, the way companies collaborate today often feels like it is intended. What do I mean by that? Most of the problems that arise are in the area of customer onboarding (KYC/KYB), ongoing monitoring, and appropriate actions when something suspicious occurs. A fintech company that is regulated and serves consumers or SMEs directly will have to build (internal) products and processes to ensure that they act within these rules. A as-a-service provider has to do the same but might transfer some of the responsibilities to their customers. That can be challenging already, since the unregulated customer might pass the audit for onboarding but might not be able to do the best job in day-to-day operations. Imagine adding another layer to this. Answering the question ‘who is responsible’ can often be answered easily, but how do you ensure that the other side is actually doing their job correctly? Yearly audits and random checks throughout the year? That might not be sufficient.
Luckily, onboarding and compliance providers are building new products to address these needs. But our industry is evolving quickly, and with embedded finance, we will see a lot more activity. This brings me to the elephant in the room. At the moment, the regulators are ‘only’ sanctioning specific infrastructure providers (i.e., Modulr, Solaris, Railsr in Europe), but the big question is whether they will continue to do that or change the way the industry works. I described some of the challenges of the fintech-as-a-service business at a very high level. But when you put your ear into the market, you can hear a lot more (scary!) stories about how the (agent) model is used in a way that it is not intended to. So will regulators continue to patch a tire or change the wheel? What do you think?
