In light of the bombshell FinCEN Files unveiled in the news this past week, I’ve been reminiscing about all the sleepless nights and grey hairs (and even a subpoena) that resulted from navigating the regulatory landscape for Armor Payments, a fintech startup I founded in 2013 and sold to Payoneer in 2016.
When I first started on Armor Payments, I was admittedly a little naive when it came to the huge regulatory burden that we would face. I had previously worked at PayPal and MasterCard, so I was somewhat familiar with the compliance requirements for companies operating in the fintech space. However, I didn’t fully comprehend the magnitude of what was required and the existential risks that noncompliance represents for a payments startup.
For any founder starting a company in the fintech space, regulatory compliance looms large. Services that manage, or even touch, a customer’s funds are typically required to obtain some sort of state and federal license approval. And for startups that do manage to obtain the required licensing, maintaining compliance and an effective anti-money laundering (AML) program is a huge ongoing burden.
Most countries have anti-money laundering (AML) laws in place, which are intended to prevent criminals from disguising illegally obtained funds as legitimate income. In 2019, over $8 billion in fines were imposed, primarily by the US, UK, and France, on banks and corporations deemed to be willfully or negligently supporting money laundering activities.
For Armor Payments, regulatory compliance impacted us in two primary ways: obtaining the relevant state licenses, and creating and maintaining a formal AML policy. The other key hurdle was to obtain a business bank account, which, for a fintech startup, is not as easy as it seems.
The patchwork of financial regulatory requirements across the 50 states is a nightmare. Every state has slightly different licensing requirements, each with its own financial and operational burdens. To operate Armor Payments, a business to business escrow payment service, we started by applying for an Internet Escrow License from the California Department of Business Oversight (DBO). Even with high priced legal counsel ($1000 / hour billing rates, ugh), the process took us 8 months. Background checks, formal financial audits, obscure and expensive fidelity and surety bonds, the list of requirements seemed endless. We were finally granted our license in the summer of 2014, one of only four issued in the state at that time. And that was just the beginning. We still had 49 other states to go.
Creating our AML policy was slightly less complicated. Essentially, we engaged a well respected consultant who helped us draft the policy. We created a 30 page document that we would provide to regulators and banks to demonstrate that were taking appropriate steps to avoid and detect any suspicious activity across our platform. When we were small and just starting out, the operational burden was pretty easy to handle. However, I could easily see how we would have to devote significant resources to AML and compliance as we started to scale.
As for obtaining our bank account, this was not a trivial undertaking. Initially, I spoke with several national banks who took a quick look at our company and told me “We’re just not in the position to support fintech startups like yours”. Then, following an intro and vote of confidence from our law firm, I managed to engage with a senior executive at Wells Fargo who actually took the time to understand our business. With our newly obtained license and our well documented AML policy, they agreed to take our business. In the end, Wells Fargo was very supportive and provided great service, but there were times when I was concerned we would be dead in the water without a bank account to operate our business.
Ultimately, Armor Payments was acquired in 2016 by Payoneer, a leading global cross-border payments provider. Thankfully, the acquisition addressed many of the regulatory challenges would have to tackle, since Payoneer was already licensed in 49 states and in many other countries around the world and also had a very strong compliance team already in place.
While it’s clearly important to have effective regulatory licensing and anti-money laundering requirements, the current structure in the US has the effect of stifling fintech innovation. For early stage startups, working state by state to obtain licensing imposes huge costs and can be an insurmountable hurdle. And given the scrutiny that banks are under, many banks are reluctant to support new fintech companies with novel business models. For many startups, like Armor Payments, partnering with (or getting acquired by) a larger company may be the only path forward to bring innovative new fintech business models to life.