This Wednesday, the Association of German Banks (bankenverband) revealed the Outsourcing Guidelines they have been working on for some time now. Developed together with selected banks and FinTechs, the Guidelines introduce a new model for cooperation, aiming to decrease the risks of FinTech-bank cooperation, to clarify regulatory requirements, and to solve the challenges that might lie ahead in the integration process. The Model is expected to simplify operations, providing a faster time-to-market.

Bank-FinTech cooperation processes are usually tough to crack. Closing long, ambiguous contracts is often just the beginning of a lengthy onboarding process, which might take up to two years if everything goes as planned. One can visualize this process with a traditional Matryoshka doll – opening up the layers usually lead to finding more and more issues to untangle.

Mostly unaware of the regulatory requirements lying ahead, when FinTechs see an intention from the banks’ side to collaborate, their focus is to usually bring the product to the market as quickly as possible. However, quite often, this goal is stalled and delayed by long decision-making cycles, slow due diligence processes, and ping-pong conversations with the regulator. Seconding the Guidelines: “…Business relationships between banks and FinTechs and the associated outsourcing issues may develop more dynamically than is the case with traditional outsourcing…One of the biggest challenges for collaboration between banks and FinTechs is that FinTechs often have to meet requirements that are disproportionately high in relation to the actual risk that the bank has to bear“. Also, the risk assessment processes of banks are not sufficiently transparent, and sometimes the advantages of the cooperation have to be weighed against the cost of red tape. In this sense, it might not even be too wrong to say that banks’ ad hoc, customized practices are making the standardization of the processes impossible. Therefore, there was a market need for a standard set of rules that addressed both sides of the coin.

The Association of German Banks’ Model aims to increase the security of the banks by introducing a tool that accurately assesses the risks that are borne by the banks due to outsourcing. Announcing a systematic risk assessment methodology based on a question catalog of 18 different inquiries, the Model focuses on the business continuity, regulatory requirements, service provision on the part of FinTech, provision of services by the bank, and information security. The Model is said to assign each question to one of the “risk” or “impact” coordinates of the model, which eventually determines a risk/impact score and a four-tier risk maturity for specific aspects of the cooperation.

In addition to the Model, Outsourcing Guidelines of the Association of German Banks also outline practical recommendations for banks and FinTechs. The Guidelines recommend banks to involve all relevant functions in testing, and to leave space for customization and continuous monitoring. At the same time, FinTechs are encouraged to identify a regulatory roadmap, to perform self-assessment in the light of the collaboration, and to keep an eye on the future (by planning to apply for their own license).

Developing and testing this model was the first step towards implementation and market-wide acceptance. While waiting for the first batch of feedback, this initiative by the Association of German Banks should be interpreted positively, inspiring other umbrella institutions with actively seeking ways to tone down the differences between start-ups and corporates and improving the collaboration aspect. 

The full text of the Guidelines can be reached through this link (available only in German), whereas the Excel model is made available only to the Association of German Banks’ members per request.

by S. Elif Kocaoglu Ulbrich