Solving for compliance in payments
Building out privacy-focused payments solutions requires a holistic and long-term approach to development, operations, and regulatory interfacing. There’s also a need to stamp out acute threats to data security and privacy while anticipating new security challenges or requirements that arise from political developments and geopolitical crises.
As a result of this multivariable reality, fintechs prioritize the following variables while building out and maintaining their cutting-edge payments products:
Ongoing threat management
Key to ongoing and market-leading compliance is keeping tabs on current threats to payment-related privacy and security. This can take shape in many forms: from client-specific threats, to new technologies, to shifting geopolitical realities.
The ongoing full-scale Russian invasion of Ukraine, for example, fundamentally shifted how payments providers operated worldwide. Fintechs like Payoneer reported major reconfigurations to their sanctions and compliance teams, encountering day-by-day shifts in where payments were legal and to whom.
“People are actually working and they need to get paid,” Micheal Sheehy, Chief Compliance Officer at Payoneer, told The Financial Revolutionist last fall. “We're one of the only providers still making payments into the market and local currency, so we feel like we have an important role in keeping the economy going.”
Keeping a pulse on future regulations
inbanx, a Texas-based all-in-one budgeting, cards, and payables solution for businesses, said upcoming regulatory developments already affect its existing data collection practices. Anticipating anti-discrimination laws that will require lenders and other financial players to demonstrate non-bias in financial decisions, inbanx already collects demographic data on the businesses it signs up.
However, these upcoming regulations still lack clarity, said Rob Kaczmarek, CEO & Founder of Inbanx. For instance, Kaczmarek asked, do businesses count as minority-owned if only one of several co-founders belongs to a minority community? What if its co-founders identify as minorities, but their board members don’t? These questions may be answered by more explicit rules in the long run, but leave payments solutions in the lurch in the meantime.
Enforcing data security standards
To prevent data and privacy breaches, payments companies look to operate beyond compliance standards in an effort to bolster security. Kaczmarek of inbanx said the fintech goes “over and above what is mandated by us by the government and policy… for the benefit of our clients.”
That involves giving Aaron Upshaw, inbanx’s CTO & Co-Founder, sole responsibility for pushing into live environments, with all other developers pushing into sandbox environments. Breaking information up into different repositories has also helped maintain security and privacy around the fintech’s core work, Kaczmarek said.