Startup Hummingbird, which recently raised $8.2 million in Series A funding, is a provider of anti-money laundering (AML) compliance technology.
One of the company’s main initiatives is creating awareness around the limitations to the fintech partnership model, particularly around compliance – a hot topic these days.
Hummingbird offers two main products: a case management, investigation and reporting platform as well as an API for validating and filing regulatory reports. With these products, it aims to “drive down costs, improve accuracy, and automate financial compliance programs, while also facilitating collaboration and technological advancements.”
FinLedger recently connected with Hummingbird co-founder and CEO Joe Robinson about the compliance landscape, and lots more, in this in-depth Q&A.
FL: You have been critical of the compliance landscape related to the fintech partnership model. What are your specific concerns? What industry niches or partnership types are most susceptible to compliance risk?
Joe: A lot of good comes from partnerships between banks and fintechs: underserved communities gain access to financial services, personal financial health gets a boost, and innovations are launched. As these partnerships form, it’s important to ensure that compliance with regulations is taken into consideration – these laws help keep our financial system safe and protect consumers.
Managing compliance operations is challenging in general, and when the work is spread across partners it can be difficult to stay on top of. The partners need to understand who is responsible for different parts of the compliance program, and set clear expectations with each other about needs and timing.
We have a saying at Hummingbird that the only people better than venture capitalists at finding early-stage fintechs are criminals. Money launderers and fraudsters know that newer companies tend to have less protection, and often start to target them pre-launch – much earlier than you would think. Combine this lack of defense with unknown risks that are common to innovative financial products, and you have a pretty potent mix for trouble.
FL: In fintech partnerships, how do you determine which party is accountable for specific compliance requirements – like suspicious activity reports?
Joe: Ultimately the bank is legally responsible for compliance in most partnerships. But this isn’t a free pass for fintechs, and in many ways it can be very good for them to get a strong compliance program in place for a few reasons.
The first is that practicing strong compliance will help maintain a healthy relationship with the partner bank. When partnering with fintechs, the bank’s top concern is compliance, as they are ultimately responsible if something bad happens. Banks often ask their fintech partners to launch softly with friends & family as the first users – this is mainly so that they can see if the fintech has adequate controls in place and what sort of risks they will be exposed to. If the fintech can demonstrate that they know what they’re doing in risk and compliance, they’ll sail through this period more easily.
Another reason is that getting good at compliance can open new partnership opportunities for the fintech. Being able to demonstrate that they have effective compliance controls in place will help the fintech attract new partners and reduce lock-in to one sponsor bank. Being able to get competitive offers is good in any business relationship, including finding a sponsor bank.
Finally, risk and compliance are foundational practice areas for any financial institution. As a fintech grows, it may eventually want to be directly regulated. Have a strong compliance program and buttoned-up audit trail for historical work will help the fintech obtain the licenses to provide financial services directly.
FL: Looking across the regtech landscape, where have you seen the most innovation in the last twelve months? What area of regtech has the biggest need for innovation in the next five years?
Joe: An exciting trend in regtech is the push towards modular services that are interoperable. Legacy compliance technologies took a one-size-fits-all approach, bundling dozens of practice areas together with complex products that don’t do any particular thing well. These products expect financial institutions to look like banks from the 1990s, and guess what? They don’t. Financial institutions have diverse needs and risks and need to be able to mix technology services to fit their unique characteristics.
Modularity in regtech enables financial institutions to connect best-in-class tools that fit the needs for different practice areas. At Hummingbird, we focus on being the best case management, investigation, and reporting platform – we’re a modular part of the ecosystem that can work with many data sets and monitoring solutions.
Looking forward, an area that regtech can really help is bringing machine learning algorithms to financial compliance. Machine learning will offer dramatic improvements to compliance practice areas like AML transaction monitoring, but the technology isn’t widely applied in that area yet. AML monitoring has unique characteristics that make it a more complicated area for machine learning: regulators need to be assured that model decisions are explainable, and the AML practice area lacks a strong feedback loop that can be used to train machine learning models.
The Hummingbird platform helps data scientists develop structured datasets for machine learning, and we connect the model outcomes to human-in-the-loop workflows that are designed for regulatory compliance. We believe in democratizing data science for anti-money laundering initiatives as a way to drive greater effectiveness in the fight against financial crime, and our platform provides the infrastructure for this work.
FL: Are you seeing regulatory bodies like FinCEN work with tech companies to protect the future of financial transactions and limit risk? Essentially, who is driving innovation? The banks or the regulators?
Joe: Yes, we are excited for the support for innovation from both banks and regulators over the past few years. In 2018, five federal regulators made a unique statement in support of innovation in anti-money laundering compliance. More recently, FinCEN made an official request for comments on AML program effectiveness, and has been seeking to learn about innovative technologies and approaches through its Innovation Hours Program. We are encouraged by the community spirit of these initiatives, and these efforts will lead to improvements in the fight against crime.
Many banks that we speak with are also fostering improvements through their innovation groups. These teams focus on helping the bank identify and pilot new technologies, and in turn help smaller companies like Hummingbird work with larger enterprise customers. We’ve been very grateful to have the support of innovation teams that we’ve worked with.
FL: Does the emergence of challenger banks add a new layer of complexity to the regtech landscape?
Joe: It’s an incredibly difficult process for a new company to obtain a banking charter, and we’ve been encouraged to see our friends at Varo and others achieve it. Regulators set a high bar for compliance at banks of all types, and challenger banks are no exception.
In terms of technology, challenger banks have the distinct advantage of not having to wrestle with legacy systems and data sources. They are able to start fresh with the vendors that best suit their needs, and have the opportunity to develop clean datasets from the start – this also gives them an advantage for future automation needs.
In many respects, challenger banks are a place where regtech can really shine. Regtech companies can help these newer institutions stay compliant and streamline many of the tedious operations that older institutions are forced to deal with.
FL: Let’s talk a little about the megabank landscape. It’s been reported that regulators have been critical of some large bank technology systems and infrastructure. Do you think large banks are technologically prepared for modern financial threats? Where do you see the most weakness? Strength?
Joe: Large banks still provide the vast majority of financial services to society, and most of them are investing billions in technology and innovation. But many are quite old and have the burden of supporting legacy systems – the banking industry still uses large numbers of mainframe computers and data programming languages like COBOL. A CIO of a large bank once shared with me that they had over 4,500 distinct data sources to work with.
Aside from technology, large banks are very complex. Most have become multinational conglomerates that serve many markets and customers, all with different needs and risk profiles. This complexity adds to the difficulty of staying compliant with regulations.
Large banks are investing heavily in their efforts to fight financial crime. They have the resources to build in-house data science and analytics teams, but need specialized tools and infrastructure to support them. Our philosophy at Hummingbird has been to complement in-house resources so that they can focus on projects that are unique to their needs, while providing tooling for more general parts of compliance that aren’t as differentiated for a single bank to build.