Compliance Management For Marketplace Lenders
Whether you engage in peer-to-peer lending, equity crowdfunding or other types of marketplace finance, the complexity of the regulatory landscape is creating unprecedented levels of risk. One misstep can destroy what you have worked so hard to build. Learn how our compliance management solutions can keep your company safe in this rapidly changing environment.
Our experienced professionals can design a compliance management solution that gives you the confidence that your regulatory obligations are being met.
Call us at 1-866-505-3542 or contact us.
“P2P Compliance combines serious expertise with practical solutions.”
Follow industry news, regulatory developments, and our thoughts.
While we could probably list dozens of attributes that an effective chief compliance officer SHOULD have, we have come up with 7 that they MUST have. An informal survey of CCOs revealed that the very first attribute – a keen understanding of the regulatory landscape – has consistently been the most difficult to master.
- Have a keen understanding of the regulatory landscape (i.e., best practices, rule changes, red flags, proposed rule changes, examination trends).
- Have complete familiarity with the company’s compliance policies and procedures (i.e., compliance is not just one among many responsibilities).
- Have detailed knowledge of the company’s business, customer base, operations and personnel (i.e., know where the risks are).
- Have the ability to foster a culture of compliance.
- Have an understanding of how the company uses technology and any resultant vulnerabilities.
- Have the skill set to supervise all aspects of the company’s compliance program, including the annual risk assessment, annual review and compliance testing.
- Have the courage to speak truth to power (i.e., have the ability to tell the founder that they cannot cut corners).
One of the most daunting aspects of being a marketplace lender is determining what laws and regulations are applicable to your business. After all, if you don’t come under the authority of a specific regulator (think broker-dealers and FINRA or investment advisers and the SEC), then you might end up being subject to numerous regulatory regimes and at the mercy of multiple regulatory authorities.
We came up with 26 Acts, Laws, and Rules that are governed by 7 different federal agencies (plus the applicable agencies of the 50 states). It doesn’t take a compliance scholar to know that this is not only a crushing amount of rules and regulations to keep track of, but also a significant number of regulators that have the right to poke around your operations.
This list is not meant to be exhaustive and does not touch upon the myriad individual state and local ordinances and regulations that may be implicated by your company’s operations. Nor does it address the regulations of foreign countries, the European Commission or other non-domestic regulatory bodies. Still, it should give you a framework for analyzing which domestic regulatory schemes may apply to the conduct of your business and whether you have policies and procedures in place to address those regulatory requirements.
SEC = Securities and Exchange Commission
CFPB = Consumer Financial Protection Bureau
FTC = Federal Trade Commission
OCC = Office of the Comptroller of the Currency
FinCEN = Financial Crimes Enforcement Network
FCC = Federal Communications Commission
FDIC = Federal Deposit Insurance Corporation
Securities Act of 1933/Regulation D (SEC)
Blue Sky Laws (Individual States)
JOBS Act/Crowdfunding Rules (SEC)
Investment Advisers Act of 1940 (SEC)
Securities Exchange Act of 1934 (SEC)
Investment Company Act of 1940 (SEC)
Consumer Protection Laws
Truth in Lending Act (CFPB)
Real Estate Settlement Procedures Act (CFPB)
Fair Credit Reporting Act (FTC, CFPB)
Equal Credit Opportunity Act (CFPB)
Fair and Accurate Credit Transactions Act (FTC, OCC)
Bank Secrecy Act/USA Patriot Act (OCC)
Know Your Customer (FinCEN)
Gramm-Leach-Bliley Act (SEC, FTC)
Identity Theft Red Flag Rules (SEC, FTC)
Laws Governing Conduct after Data Breaches (Individual States)
Information and Data Security Laws (Individual States)
Usury Laws (Individual States)
State Licensing Requirements (Individual States)
Electronic Commerce Laws (FCC)
Securities Whistleblower Incentives and Protection (SEC)
CAN-SPAM Act (FTC)
Servicemembers’ Civil Relief Act (CFPB)
The Electronic Signatures Act (FDIC)
Unfair or Deceptive Acts and Practices (FTC)
Telephone Consumer Protection Act (FCC)
Building an effective compliance program goes beyond having a compliance manual or code of ethics, although these are obviously vital components. An effective compliance program is best thought of as a process. Circular in nature, it has a distinct beginning, but no end. Each time through the cycle, imperfections are uncovered, compliance risks exposed, policies and procedures revised, and your company becomes that much closer to compliance perfection (elusive though that may be).
The process of building an effective compliance program is straightforward:
Step 1: Assess your company’s compliance risks.
Step 2: Develop policies and procedures to mitigate those risks.
Step 3: Determine the adequacy and effectiveness of your policies and procedures.
Step 4: Update your risk assessment to account for all newly exposed risks.
Step 5: Revise your policies and procedures to mitigate these new risks.
Step 6: Repeat. Repeat. Repeat.