Safely Selecting the Right FinTech Solution

Safely Selecting the Right FinTech Solution

August 21, 2023

“Growing With a FinTech’s Help – Intentionally and Safely,” originally published in Credit Union Times, July 24, 2023

As regulations evolve and change, it’s important for credit unions to keep up. While there are a variety of ways to stay on top of those changes, many credit unions are turning to financial technology solutions to help them navigate the new landscape.

There are tons of fintech options out there. Erin O’Hern, VP of Strategic Initiatives at ViClarity, and Carrie Helmle, Senior Director of Audit Services, contributed to a Credit Union Times article discussing the importance of being careful and intentional when selecting the best solution. To ensure long-term success, it’s critical to ensure the goals and objectives of the fintech partner align with the credit union’s goals and objectives.

Vetting Your FinTech

O’Hern said the process of vetting a potential partner is like selecting any other critical vendor, but a fintech vendor requires additional due diligence. Key areas to consider include cybersecurity, privacy, member data protection, and thoroughly understanding the service or product the fintech provides. O’Hern elaborated on what exactly credit unions can be looking for to ensure the fintech meets specific requirements.

“For instance, in addition to ensuring basic elements of technical security are in place, credit unions should investigate whether the fintech has cyber insurance, and what its disaster recovery and incident response plans look like,” said O’Hern.

Helmle emphasized the importance of the disaster recovery plan component stating, “If they are down for six hours or member information has been breached, you have to make sure you’ve done your work ahead of time to know how they’re going to handle that.”

Reputation Management

In addition to thoroughly reviewing vendors, another key consideration is reputation management. While it’s easy to view the credit union and the fintech operating as two separate entities, there is more crossover than one may think. For instance, every action the vendor takes reflects on the credit union. If an issue arises with the vendor, members are most likely to blame the credit union.

“There’s extra pressure not only to make sure you’ve got everything in order in terms of your contract responsibilities going forward and the fintech’s security, but also how confident you are in their ability to continually provide service to members, because often times they are member-facing,” said O’Hern.

Ongoing Due Diligence

After a credit union selects a fintech partner, they must continue to monitor the relationship. This is a critically important piece of vendor relationships that many credit unions overlook.

“We found that many credit unions took a ‘set it and forget it,’ approach,” said Helmle.

Ongoing due diligence can protect credit unions and their member data. This can include periodically reviewing a fintech’s — or any other vendor’s — reports and financials, visiting their place of business, and ensuring the fintech is continuing to adhere to regulations applicable to the area of credit union operations with which they are helping.

However, Helmle also emphasized there is no one-size-fits-all playbook when it comes to fintech due diligence – the process will look different every time depending on the type of vendor, its level of access to credit union and member data, and the value its services will bring to the credit union.

Read the full article


Recent/Related Articles

The Value of Asking "What Happens If?"

August 25, 2023

ViClarity’s VP of Strategic Initiatives, Erin O’Hern, provided perspectives on risk management in an article called “The Value of Asking ‘What Happens if?'” that appeared in the August 2023 issue of CU Management.

Why Leveraging Vendor Management Best Practices Is Key for Risk and Resilience

August 16, 2023

Regulators are strengthening rules and focusing on operational resilience across sectors — particularly in the financial industry. Financial institutions of all types are working to empower their organizations to resist, absorb and recover from or adapt to risk events. One of the most common threats is third-party risk.