WASHINGTON – "With great power comes great responsibility" isn't just a truism for Spider-Man, but applies in the world of banking regulation, too.
While fintech companies are urging federal regulators to create a federal charter allowing them to follow a single national standard instead of a myriad of state rules, such a benefit will almost certainly come with strings attached. It would likely mean regular exams from an agency like the Office of the Comptroller of the Currency or having to comply with the Community Reinvestment Act, which currently applies only to banks.
"Look, any time you come up with benefits there is always going to be a downside," said Steve Carlson, the co-founder and CEO of online lending company Ascend. "Can't have your cake and eat it, too."
In an OCC conference on responsible innovation last month, an agency official sought to dispel the notion that the creation of a limited-purpose charter would mean relaxed regulatory standards.
"We saw a number of comments that said if we authorized a narrow charter, that would mean lighter supervision," said Kay Kowitt, a deputy comptroller who heads the OCC's innovation team. "I don't think there's anything further from the truth. The quality of our supervision is the same, regardless."
Fintech companies currently face a vastly different regulatory landscape than banks, though this varies according to their activity and their ties to chartered financial institutions. Online lenders are already subject to the same creditor laws as banks, including the Truth in Lending Act, the Fair Credit Reporting Act and the Equal Opportunity Act. Companies that act as money services businesses, meanwhile, must comply with anti-money-laundering laws like the Bank Secrecy Act.
And some fintech firms that partner with banks are already under the indirect supervision of financial regulators.
But because most fintech companies do not have a single, prudential regulator, their compliance costs are an order of magnitude lower than those of banks.
"The laws apply pretty much to everyone based on the function that the company is performing, but if you're a bank, you have examiners coming over regularly," said Jo Ann Barefoot, a former OCC official and now a consultant on fintech regulation. "You're required to have a lot of compliance controls and processes."
Comptroller of the Currency Thomas Curry acknowledged this discrepancy during the conference. "It is not an issue of whether or not laws apply," he said. "It is potentially an issue of, 'Is there a direct federal or state overseer of that activity, from a compliance standpoint?'"
If the OCC were to create a limited-purpose charter, it would come with compliance controls and an exam schedule. It might also come with other restrictions. Some regulators have suggested fintech firms should be subject to restrictions similar to the CRA, which was created in 1977 to prevent lenders from avoiding specific minority neighborhoods near their headquarters.
"I worry about that with fintech, to make sure that, if we're going to bring technology in — whether online lenders or crowdfunding or things like that — that we remember the lessons from the past and demand of them that they extend credit to all parts of our community and not create ZIP-code-based lending algorithms," John Williams, president of the Federal Reserve Bank of San Francisco, said in a recent interview.
Potentially, fintech firms could opt to apply for a full bank charter, which would allow them to take deposits and automatically make them subject to the CRA.
But it is unclear whether the CRA in its current form is readily adaptable to most fintech firms' strategies.
CRA compliance is evaluated based on how banks "are serving the geographic areas where their branches are located," said Erin Fonte, a fintech lawyer at Dykema Cox Smith. "How do you take that and turn it into a traditional customer cohort when you're talking about [a company that is] marketing... in all 50 states?"
Though regulators have allowed financial institutions to maneuver around the geographic framework by developing their own strategic plans, the requirements would most likely need to be adapted for online companies.
"CRA is way overdue for updating, and it's possible that if the OCC comes out with a charter they might propose to do some customizing of CRA standards," Barefoot said.
Fintech companies seeking to make loans and obtain access to the banking system will also likely have to face capital requirements, experts say.
"If you're going to be responsible for being in the middle of a transaction flow, [regulators will want to make sure that] you have the financial wherewithal to be around and not just disappear when you burn the $350,000 in capital that you raised," Fonte said.
Because fintech companies are still operating in a sector that relies on quick investment rounds, capital requirements could have the potential to push larger players to restructure their business model, said Alex Acree, the managing director and general counsel at the investment firm Fenway Summer Ventures.
"Capital requirements [are] going to be a huge thing," he said. "It really does fundamentally change the business."
If they want to join the club of national charters, fintech companies could also face different cybersecurity standards.
"A lot of the fintech startups don't understand the nature with which they have to approach the data security and data integrity," Fonte said.
Cybersecurity compliance requirements have already flummoxed many fintech firms doing business with banks, Fonte added.
"Fintech companies that want to partner with banks are subject to the bank third-party-vendor-management process," she said. "It's been quite shocking to some of them."
Fintech companies claim they understand the flip side of a national charter, but many argue that new regulatory requirements should be tailored to their level of risk – and not simply copied from those imposed on banks.
"Banks that are very broad and have a whole range of products underneath them -- they take on a whole different risk level than a much more narrowly defined fintech company," Carlson said.
Indeed, some argue that the rise of fintech firms is an opportunity for regulators themselves to get up to speed.
Consumer protection rules "were all based on sound premises," added Carlson. "But now, apply them to the 2016 technology that exists."
To be sure, many bank, particularly smaller ones, will oppose the creation of a bank-like charter that does not follow the same rules as banks.
"We think that they should be subject to everything that banks should be subject to if they get a bank charter," said Chris Cole, the ICBA's executive vice president and senior regulatory counsel.
Implementing a fintech charter might level the playing field, he added, only "if the charter was subject to the same regulations that banks are so there are no corners cut."
That could make it politically difficult for the OCC to create something appealing for fintech firms that also does not stir up trouble among community bankers.
Cole said the OCC should be wary of creating a new charter at all.
"Let's wait for the next downturn, and let's see how fintech lending survives during that next downturn," he said. "There might be a lot of defaults, [and] where are the customers going to go to try to work out these defaults? All they have is a computerized company [lacking] the staff to do the kind of customer contact that banks do."