The Power of Resilience: Overcoming Regulatory Challenges – Full Transcript

December 16, 2024 ACT3 Agency Uncategorized Comments Off on The Power of Resilience: Overcoming Regulatory Challenges – Full Transcript

Welcome to Breaking Banks, the number one global fintech radio show and podcast. I’m Brett King and I’m Jason Henricks. Every week since 2013, we explore the personalities, startups, innovators, and industry players driving disruption in financial services.

From incumbents to unicorns and from cutting edge technology to the people using it to help create a more innovative, inclusive, and healthy financial future. I’m J.P. Nichols, and this is Breaking Banks. Today, we’re going to explore the strategies and insights that help financial institutions thrive in face of challenges.

Organizational resilience amid regulatory pressure is a critical muscle as we move from a world of risk mitigation to risk management. In the first half, CrossRiver Bank founder and CEO, Gils Gade, joins Mandy Simpson and Clayton Mitchell of Crow to talk about how banks can not only comply, but also adapt, innovate, and grow stronger through the pressures. Gils talks about CrossRiver’s consent orders as stepping stones, not stumbling blocks, as they look to better serve customers.

In the second half, Phil Goldfeder, CEO of the American Fintech Council, joins Mandy, Clayton, and I to talk about the broader ecosystem and how it’s maturing in a post-Synapse world. Next, on Breaking Banks, organizational resilience. A lot has been happening in the world of banking, fintech, and especially regulatory action.

I think we had such a lull for an extended period of time where you could say interest rates are low, the activity, especially the proactive activity outside of the CFPB, relatively limited. And that seems to have changed dramatically across several courses of this action. And one of the things that I find particularly interesting is if we roll back to 2008, which is probably where I’d say you started to see interest rates, or definitely that’s when it went to zero, but also some of this regulatory pullback, Gils, from the outset, you were building something different than your typical risk-averse bank.

What did you see then when everyone else was zigging? You definitely did the zag. What is that? So it’s like everything. You love to play Monday morning quarterback and claim that you had this grand vision where everybody is going to call you a genius, a post-facto.

Nothing could be further from the truth. Everything happens by happenstance. And it happens for a reason, obviously.

But when I started the bank back in 2007, I was actually looking for a core engine. And I went to a couple of conferences, and I was appalled by the lack of technology. I mean, it was like dot screens.

It was extremely manual. Nothing was automated. And particularly, everything was batched.

And for me, if you want to service a customer, you want to be able to tell the customer that what you’re looking at in your bank account is actually what is reflected on our ledger. And this is something that we really took on that head-on by saying, we’ve got to challenge the status quo. There’s got to be a better system, a better way of doing technology for bankers in order for those banks to be able, in turn, to provide a better service for their customers, whether they be small businesses or individuals or consumers.

And that’s kind of how we stumbled upon the idea of starting at home. Our charity starts at home. We felt bad for ourselves.

And we said, we’ve got to come up with a better SEH system, more automated. We’ve got to come up with a better way of banking. Now, the big difference is that we could have done this just for our footprint, just out of 3,000 customers or accounts that we have.

Or you could partner with folks that would actually take on that technology and spread their tentacles across a broad spectrum of what we call the fintech ecosystem. And that’s how we engaged in that endeavor, which is to provide an infrastructure layer to the folks that want to have the consumers to get better access to credit and a better experience on the banking side. So I’m curious.

This surprises me. The cultural changes that you ended up making were driven because you saw a technological need and you had to build backwards. You couldn’t just take traditional bankers and throw it on top of new technology.

The new technology that didn’t, you know, I think we all remember the three balances. You can see your current balance, your ledger balance, and your available balance, right? And you’re like, what is this? Like, I don’t have three kinds of money right now. But solving that problem led you to build an entirely different kind of organization.

Yeah. I mean, that’s really, that was the impetus. And I must say, it’s one thing led to another.

Like, we started with an ACH manager back in 2012 or 13. And because, you know, we were catering to, let’s say, our marketplace lending partners. And they were sending, we were sending a truncated wire that they interned to, let’s say, Wells Fargo.

And in turn, Wells Fargo would send it to, let’s say, 2,000 borrowers to be funded that day. That didn’t make any sense. Why go through that step? We reached out to our core engine, which shall remain nameless at this stage.

But the core engine said, not doable, unless you’re actually entering every single ACH manually. We said, okay, just open the API, we’ll come up with our own solution. Once we had that ACH manager, and I’m talking about like 2012, 13.

So that’s pretty early on, right, in the evolution of the fintech ecosystem. Then we really thought, oh, we’re sitting on something pretty, pretty nifty. Why don’t we go out and try to sell it to the folks that are very ACH intensive? And maybe they would have an interest in taking it on.

And lo and behold, folks like Conebase, for example, which became like almost an immediate client in 2014, they embraced the technology, said, this is pretty neat. We’d like to explore other things that you may have. And we said, we don’t have much more.

I mean, we can start here. But what do you mean? What do you need? Oh, maybe we need a ledger. Maybe we’ll sell a ledger.

Maybe we need subaccounts. Maybe that would be actually very helpful in doing reconciliation in real time, as opposed to having to batch those transactions, particularly crypto to fiat, fiat to crypto, which at the time, if you remember, 2017, was taking five days. So imagine when we created that capability for Conebase, they immediately reduced the reconciliation process from five days to one day.

And that obviously triggered an avalanche of volume, which contributed to the growth that Conebase experienced at the end of 2017 and 2018. So these are the type of things that we love to hear, that we love to be challenged on. We get use cases from our clients, and we do have the technology know-how and the compliance know-how to go along with it.

And the pair of the two, you know, led us to build our own core, one attribute at a time, one API at a time. And now we’re sitting on a real-time core that enables us to provide a lot of those banking services that other banks are still using traditional core engines to do. Mandy, I’m curious from your perspective, the number of banks that Crow works with from the willfully, you know, staying within the lane, did you, part of what sets CrossRiver apart in my mind is this idea of like, take a step, build up the compliance and risk muscle next to it, take another step business-wise, which led to technology, right? Each one of these builds on each other.

It’s less kind of grand vision that we talked about. It’s like, oh, here’s what we’re going towards, but very reactive to the business opportunity in building the, you know, the three-legged stool of business, risk and compliance and technology together. How different is that than what you would call the mainstream bank? Yeah, I think, you know, you’ll always have banks who are, I would say, kind of at the edges, those who are thinking innovatively, willing to innovate, thinking about it in the right order or the right mix of needing to make those investments in the processes and the framework and the risk management as they’re being innovative.

But it seems like, again, if you think about the broader banking sphere or certainly across our 1,800 financial institutions we work with, I would say that’s probably not true of most. You know, most are kind of staying in the middle there. You use the term, I think, willfully lagging behind.

I don’t know that we, you know, perhaps there are fewer of those. I think there’s a lot that are recognizing they need to do something, but probably very few are out there, you know, being innovative and are more hanging back. And I think, you know, you talked about the flurry of enforcement action activity and some of the themes that we’ve seen, you know, certainly that’s giving them probably another reason, unfortunately, to hang back or to, you know, not be out there at the leading edge of anything when, for the sake of the industry and their ability to stay resilient and kind of relevant, they probably need to continue thinking about developing in that area.

Well, that’s a great segue into let’s get into this idea of resilience. Giles, I’m curious from the outset, like, did it cross your mind, like it probably did, that at some point we might trip over, you know, a regulator who, like, doesn’t understand or something happens. And then, of course, that did happen.

Can you walk us through, you know, first the context around the consent order? But the part I’m most interested in is how did the organization respond to that? So obviously that’s, I would say, that’s the holy grail. This is the epitome of banking is always trying to stay ahead of the regulators and particularly if you intend on growing one particular area, make sure you build a very robust compliance management system behind it first and establish your compliance module. The only caveat or the only problem with that theory is that, you know, the difference between theory and practice, in theory there isn’t, in practice there is.

So unfortunately in practice, you know, you’re dealing with regulators, particularly the folks in the field that are accustomed to doing the same thing for the past 75 or 80 years. I mean, the manual hasn’t changed that much and it’s very rigid and they’re adverse to technology or technology advancement or modernization. And we were trying to open the dialogue on that front and by telling them, listen, we’re discovering as much as you are, we’d love to service the consumers, we think we’re protecting the consumers.

If you’re telling us that we’re not, we’re happy to change because we want to be always on the right side of regulatory compliance. And unfortunately, that dialogue led to the first consent order in 2018, right on the consumer compliance side. And then a second consent order, which is, you know, a year and a half ago on the fair lending side.

So it is a trial by, you know, by trial and error. It is extremely difficult to compose with that. Unfortunately, you know, there was COVID in the middle and there was an avalanche of transactions online.

And what do you do? You tell your partners, sorry, but we can’t provide services to your clients anymore, particularly the ones that need to put food on the table or, you know, PPP loan endeavor in order for them to actually be able to pay payroll, to make payroll at the end of the month. So we are caught between a rock and a hard place. On the one hand, we need to service and to deliver that promise that we made to ourselves that we will make a difference for the consumers and the small businesses.

On the other hand, we need to satisfy the regulatory environment by saying, if you grow too fast, make sure you have the proper regulatory compliance ahead of time. And sometimes you’re just playing catch up. And that’s what happened both times.

And it’s unfortunate. We wish that there was a better dialogue between the regulatory environment. But again, this is really trying to change the status quo, something that has been very well established for 200 years plus as, you know, from the dawn of civilization or the dawn of the banking industry civilization.

This is the way they’ve been conducting regulatory exams and they’re not prepared to change that. So we’re trying to bring an element of discussion to the equation. And maybe we made a little bit of a difference.

Hopefully we did. But if we get dinged along the way, you know what, I’m not regretting any of it because at the end of the day, we’re delivering a really differentiated product and service to the consumers that has been direly needed. There’s so many ways to go with that.

Clayton, I want to start because there’s something to be said around this dialogue. And I want to intertwine you and I always talk about the minimal maturity model. Right.

And I think the the the intersection of having regular dialogue and a shared vernacular around that expectation, what have you seen that really works for the banks that want to continue making progress towards that with regulators that may be entrenched in a 200 year plus history? How do you best make that dialogue happen? Yeah, I mean, I think a couple of things that have already been said that I want to I want to anchor back to and then and then jump to that, I think, Gilles, your your comments and commitment to your customer at the center of everything is where this all needs to start. I mean, at the end of the day. We we want to start with our customer, whether you’re a whether you’re a progressive bank or a bank that is struggling to to to to move forward, keeping your customer at the center of this is is absolutely imperative.

And the way that you do that is is based on the products and services that you’re offering, making sure that those are fair and appropriate to your customers. And based on the products and services that you’re offering to them, that you’ve set up and established an appropriate strategy that you understand the laws, regulations and guidance that is applicable based on the customer base that you have and the products and services that you offer. You know, thinking about the governance processes, the due diligence, the ongoing monitoring, the risk management, the onboarding of customers, fair lending, complaint management, all the different aspects and jobs to be done that need to happen within the concept of of this of of that relationship that you’re you’re establishing that you do define, Jason, what we talk about as what is minimal acceptable maturity and how do you build.

Incremental compliance proportionate to the growth, and I think there’s chicken and egg there. Obviously, sometimes we’re dealt cards where that’s a little more challenging than others. And, you know, once in a lifetime, knock on wood, global pandemic should be one of those.

But I think as you’re as you’re looking at establishing those those relationships and those controls and that that governance, it’s really looking at what is the impact to customers? What is the what is the incremental risk of each partner you have, the portfolio of partners you have, and how is that outsized or undersized against the rest of your enterprise? I think that’s been another enlightenment that we’ve had, Jason, is in some instances it doesn’t it doesn’t move a decimal point on credit risk or it doesn’t move a decimal point on, you know, liquidity considerations. But in other instances. Best relationships are driving 80 percent of revenue for the bank, so it’s having that proportional risk management that allows you to implement those programs, but not.

Not establishing or expecting organizations to establish. Best in class day one, millions of dollars of investment in risk management, you do that incrementally as you build your program and you can do that as you as you launch your programs, as you scale your programs and you incrementally get better from a maturity perspective across all of those those elements and jobs to be done as as your revenue and and what I’ll call realized risk comes into play. I think when I go back to like the conversation with regulators, there’s a lot of perception of risk.

The key is, how do we measure and report our realized risk to be able to demonstrate that that risk management and mitigation factor over time to be able to to to show that our minimal acceptable maturity is right there and we’re going on offense and we’re doing what we say we want to do when we say we want to do it and how we say it and then and then being able to demonstrate that in the best of your ability. I love what you said. This is exactly the point that if I may add, I would say identify whether the bank has the commitment, not a willingness, but the commitment and the ability to execute on that vision.

So in other words, we’ve got to be committed to regulatory compliance. We’ve got to be committed to consumer protection. There’s no question in my mind that that commitment and along the lines of that commitment, you need to have the ability, equip yourself with the right domain expertise.

And once you have that, then, like you said, incrementally developed a robust compliance management system and a risk management program. And and I think that if somehow, you know, the environment could embrace that that concept, I think the banks would be in a better position to be able to, you know, tackle the regulatory challenges and number two, to provide a better service to consumers. Because I want to build on that, because one of the capabilities that is so important is the risk tolerance, right? And let’s face it, within most banks, we are risk averse because we have this credit mindset where loss is bad.

And so we do everything we can to keep as much risk in a box. Culturally, what were the reverberations with the first and then the second consent orders? Culturally, did people like throw up their arms and say, ah, you know, we told you it was bad. And how do you how do you manage that? Right.

Because it’s all well and good until it wasn’t the Mike Tyson. It’s all well and good to have a plan to get punched in the face or everyone has a plan to get punched in the face. Right.

Consent order kind of feels like that. Was there like this giant shift back to being more risk averse? How do you manage that? So, listen, what the thing that I’m most worried about is really comply of rather regulatory PTSD, and we need to manage to the best of our ability and not manage based on something else and then external factors such as a consent order. So, in other words, if we start to deviate from that mission where I said commitment and ability, then we’re going to start really veering away from serving our customers first.

It’s it’s inevitable. Unfortunately, we saw it with many banks and particularly with Wells Fargo with a consent order that just got out of after seven years. We saw that that you know what that triggered vis-a-vis their their consumer base.

The consumers were not served anymore because there was that PTSD or the handcuffs behind your back. We are in a position whereby we believe that if we’ve been invested with a responsibility to serve the consumers in a new arena of products and services whereby they have better accessibility to credit, real financial inclusion, not just a slogan on the website or a deck, but a real financial inclusion endeavor and consumer protection at the same time. That’s our objective.

That’s where we want to go. That’s our target. That’s our North Star.

If that is our North Star, then we cannot have anything come along the way and become an obstacle to our path to accomplishing that. I always say to my staff, the only difference between a stumbling block and a stepping stone is the way you use it. And to us, a consent order is a stepping stone.

It’s a way to open a dialogue with the regulators, becoming better if we’ve been weak in one area of compliance. And I’m not saying that we’re perfect, but we always try to improve. But keep your eyes on the ball and the ball, like Clayton said before, it is the utmost service of the consumer and the customers at large.

I love that imagery that I’d say extending that for Wells Fargo, the North Star became the consent order and they lost sight of what is the real problem we’re trying to solve, which is that consumer, the inclusion, the doing new things that improve the world, and therefore it becomes a stepping stone to have the consent order. Maybe I know you spend a ton of time working with organizations, this idea of how do we build resilience? Where have you found for organizations that might be more rigid and therefore more fragile, how do they even get on the path toward building resiliency? Yeah, well, I love that stepping stone analogy, so that’s definitely going to be one that sticks with me, Giles. I had heard a consent order described as the most expensive job review or performance evaluation that you’ll ever receive.

I think, Jason, it might have even been one of your guests that said that. And so but I think to your point, it’s all about what do you do with that? Do I quit the job or do I get really hung up on that feedback or do I kind of take that feedback, make myself better and move on? You know, on the resiliency front, I mean, there’s all you know, there’s been a lot of good guidance or helpful guidance, I think, that’s out there around resiliency. A lot of focus on this that I think particularly for community banks who, again, may not have all of the staff and all the resources they think can be helpful to, you know, having, you know, hey, here’s the things you should be asking.

Here’s the things that you should be thinking about. And so I think those institutions who are kind of taking that, taking the guidance and the information that’s out there and kind of embracing that, doing something with it, taking it to heart, I think, you know, are positioning themselves better, you know, to be successful in this area. And I think particularly in the fintech relationship space, I think what’s really important is that the fintechs that they’re partnering with embrace that guidance to to say, hey, I know when I’m going to partner with a bank that I’m becoming part of their business continuity plan and becoming part of their enterprise risk framework.

And so I have to hold myself to the standards and kind of be prepared to operate at that heightened level of expectation. And so I’m, you know, I think those those fintech partners and the banks who partner with fintechs who kind of take that more seriously and kind of understand that heightened expectation certainly I think will be proved to be more resilient as well. So one last question, being cognizant of time as we’re coming up to the break, Gils, how do you think about what’s next for what you’re facing? You’ve had two great stepping stones that very easily could have been stumbling blocks.

You’ve built more resiliency into the system. Where is CrossRiver pointed in terms of the big problems you really want to change? What we want to continue on that path that we charted for ourselves when we started literally 16 years ago, we are 100 percent in. There’s no other way of putting it.

We’re in sweat, tears, resources, employees, money, capital, investors behind us, our boards, definitely our management team. We’re fully dedicated to this cause called financial technology for the purpose of financial inclusion, accessibility to credit and serving our customer base. So we’re just going to keep doubling down.

We’re in this to win and we’re in this to win not because we want to be the best or the biggest or the wealthiest, but we’re in this to win because we know it’s the right thing. And this is really what it comes down to. If you have the conviction, you know, Nathan Hale said, I wish I had two lives to give to my country.

You know, hopefully we’re not going to come down to that. So but we definitely the life that we have that was given to us by the regulators 16 years ago, we intend in using it to the fullest because we know that what we’re doing really changes the world for the better. And we hope that we’re actually charting the trajectory for the rest of the fintech banks or the banks that are friendly to fintech.

So, you know, for the fintech bank partnership model, that’s what we hope. It’s not about competition. It’s about, you know, if I was imbued with a responsibility to be to have a first mover advantage, we’re taking that responsibility to the fullest.

And this is the way we’re looking at it. We can’t afford to waiver. We can’t afford to, you know, to blow with the wind.

Like there’s another expression for you, Mandy, if you want, is that you can’t control the wind, but you could adjust the sail. And that’s what we’re doing with every consent order and with every regulatory injunction. At the end of the day, we’re just we’re adjusting the sail in order for us to continue to bat to to battle the storm.

Well, after the break, Mandy Clayton and I will continue the conversation about sailing in uncertain waters, specifically around how do we manage risk in an uncertain world? And how do we think about the changing pressures on how we manage third party relationships? After this, more Breaking Banks. Banks and fintechs are no strangers to moving fast and being disruptive. In fact, these qualities have historically been a big part of their success.

But future success for many of these companies will largely depend on their ability to take on new challenges, including greater regulatory scrutiny and evolving risks for customers. Work with a firm that has extensive experience in banking, fintech and regulatory compliance. Crow can help you navigate the moments that matter most as you take your bank or fintech to the next stage of growth and maturation.

Discover how Crow can help your business. Visit crow.com slash fintech to learn more. That’s Crow C-R-O-W-E dot com slash fintech.

Visit www.crow.com slash disclosure for more information about Crow LLP, its subsidiaries and Crow Global. Copyright 2024 Crow LLP. And we’re back and now have added a new guest.

Phil Goldfeder is no stranger to this show. He is the CEO of the American Fintech Council, and the AFC represents a lot of the third parties that we were talking about that right now a lot of the regulators can perceive as bringing a lot of risk. Now, Phil, really curious right now at this state and time when you look at both, you know, the mindset on the Hill as well as how regulators are beginning to look at this.

What is the perception of risk for interaction with the banking ecosystem, with those outside of that regulated environment? That’s a great question. Thank you so much for having me back. And as I was listening to the first segment, it was fascinating because I think as Jill talks and as you look at some of the banks that are operating, their focus on consumer best practice, regulatory best practice.

How do we put our best foot forward to ensure that we’re meeting the consumer demand? I think often too often that’s forgotten in the process is that they’re doing it to serve a consumer at the end. You go into a college campus or you ask my daughter who’s in high school, right, what cash looks like. I mean, she couldn’t tell you what president was on what bill because everything is on her phone.

She pays for everything by her phone. And so to tell her that we need to go back to traditional banking is just silly. It’s not going there.

And you’re seeing that because traditional community banks are struggling to survive because no one is using them anymore. And so it goes to the question of there are innovators who are looking, responsible innovators who are looking to service those consumers, responsible community banks, responsible fintech companies. And they’re moving at a lightning pace that you’d expect them to.

Policymakers, regulators must, not could or should, must keep pace with the innovators that are serving the customers who are demanding the service. And this idea that somehow the service offerings have to slow down in the name of consumer protection, we have to stop offering consumer products is backwards. It is absolutely backwards.

The American FinTech Council represents more than 20 banks and more than 50 fintech companies that are offering responsible services to consumers. And I think what everybody said is not all fintech is created equal. It literally has become my tagline.

Right. You know, there are bad players in every industry. Right.

They’re bad. And I don’t want to go down the line and lawyers and teachers and doctors. I mean, there are people, unfortunately, even bad trade associations.

Right. There are people who unfortunately tend to spoil it for the rest of us. And regulators job is to figure out where that line is.

Right. How do we determine what is a responsible actor and who is trying to do it well? And who is someone who is literally just focused on their own bottom line? And that, I think, is the job of the regulator. Unfortunately, what we’ve seen is is sort of more.

The cliche, everybody’s heard it, but regulation, the enforcement, instead of working with the cross rivers of the world, with the coastals of the world, with all these banks, instead, they’re enforcing and coming out with these consent orders. And then it begs the question, have those consent orders helped create a safer process or a safer environment for the consumer? No. As Jill said, I think you’re providing the regulatory rules of the road via that enforcement.

But those same rules of the road, you know, could have been done through collaboration, sitting around the table, coming to sort of, you know, people like you, Jason. I mean, you represent, you know, and sort of work with dozens of banks who are all trying to do this the right way. And that’s the biggest challenge, I think, is the education part to understand what is the nature of the risk.

And it’s not just about, you know, the regulators put out third party risk management guidance. But June of last year and then just a couple of months ago, essentially put out the exact same guidance with a couple of pictures around it. Right.

Made it a little bit more readable. So what you know, it took them a year to sort of take the guidance that came out last year and sort of made it a little bit more reader friendly. Right.

We need more. We need real engagement. And that’s how we’re going to make this system better for the for the banks.

And it’s so funny you say that, because when it came out, I like read it and I immediately went back to the next. I’m like, I clearly didn’t download the right thing because I just read the same thing again. And then I read it again because I’m like, I’m clearly not reading deep enough because I’m totally missing something in this that it’s kind of the same thing.

Just written, you know, maybe put it into chat GPT to clean up for language. So, Clayton, I want to do an inverse of your minimal maturity to build on something I think Phil said, right, which is there’s bad actors everywhere. And let’s say there’s also even just those morally agnostic.

They’re doing business for the sake of doing business versus pursuing consumer good. And I would say, you know, the purpose of bureaucracy was to remove the emotion and this judgment thing, except there has to be some judgment. So what’s the inverse of that? When you think about banks and put them in the framework of like, how do they fit and how do they express like we’re doing this and what is the bigger purpose behind that? Yeah, I mean, there’s obviously no shortage of examples of.

Folks who have done this amazingly and have gone through however many waves we want to say we’ve had since the early 2010s until today that have come through this. And then we’ve we’ve seen some situations and scenarios in the last couple of years, maybe maybe a handful of months, better said, where where the activities and the governance and the controls haven’t haven’t been haven’t been executed in a meaningful way. And I don’t know that I would I would ever go down the path of saying that that there is intentional malfeasance or that folks really didn’t want to do right by their customers.

I think what I would say is growth at all costs is pretty dangerous at the end of the day. And, you know, being deliberate about your internal strategy, being deliberate about the partners who you choose to work with is really, really important. And in some ways, I suspect there are situations where, you know, fire fueled fire and one small misstep led to many missteps.

And I think the you know, if there’s if there’s a. If there’s a silver lining here and I’ll just be you know, I’ll take the risk of throwing out another probably overused quote, but Churchill said, never let a good crisis go to waste. I think that’s where we’re at is, yes, I agree with Phil in the fact that. Regulation by supervision or enforcement is less than ideal.

And he would use stronger language than I would, but I’ll moderate that just a little bit, but I would say it’s less than ideal. But the the silver lining is that there’s now a playbook. If you go back and you if you go back and you reverse engineer all of the all of the different enforcement actions, the expectations are becoming more clear.

Now, would we all agree that we wish that the the guide to community banks for third party risk management was a little more prescriptive? Sure. Do we wish that it gave. Solid, meaningful examples of what we’ve been talking about for the last 40 minutes around big fintech partnerships.

Absolutely. Absolutely. But I think if you if you open the aperture a little bit, those expectations are becoming slightly more clear.

And those who are getting into to the space and seeing this as an opportunity to get in the space where, you know, maybe some are a little more risk averse to jumping in or some are getting out and they’re seeing this as an opportunity. And they start with the how are we going to do our strategy? What does our governance look like? How do I comply with this vast sort of sea of regulation and expectation? What a better time. Yeah, maybe to just piggyback on that, I think, you know, we’ve talked about fintechs being painted with a broad brush, and I think that is doing a disservice to some of the innovation that’s going on, because I think and so hopefully banks, you know, are going to be a little bit more aware of that.

And I think that fintechs can also see that just like we can see it. We talk about it all the time. Hopefully they can see that, too.

And OK, it doesn’t mean we need to stop. You know, we do need to consider I found the community bank guy. You know, I like the plain English and I like the picture.

So maybe I’ll be the contrary in there or and kind of again seeing, OK, well, what’s covered in these consent orders maybe is different than what I’m doing or, hey, I’m going to learn some lessons from this. But let’s still continue to stay on the path and not just say, well, OK, I’m not over here doing using middleware and doing banking as a service. I mean, that’s very different than where I might be trying to operate and serve my customers and meet them in a different way.

You know, it’s interesting because what Clayton said is, well, now we have the playbook. I think that’s true, right? I think there’s definitely more clarity now. And when we go to conferences and Jason, I’m sure I heard this at yours.

The one thing you hear off the panel is read those consent orders because that’s your best guideway forward. Is that the way we should build it? And now let’s be honest, if you ask the innovative banks today, do they have enough information? Most of them will tell you, no, right? Like it’s helpful. It’s a step in the right direction.

And sort of many on your point is and I love always a good contrarian. The question is, if banks operated at that pace and at that speed in terms of the way in which they explain what they do to regulators, would we say that’s enough? Would we say like, oh, they’re doing they’re doing an OK job? You know, there’s an old scene in a movie where, you know, sort of someone’s playing baseball and they get a routine single and there’s this excitement from the dugout. It’s like, are we that excited over a routine single? But maybe there’s a problem.

Right. And I think to me at this stage of the game, I expect so much more. Our members expect so much more.

And we expect that from our regulators the same way. I think the regulators expect that same line of communication from financial institutions. And I think that’s where the discrepancy.

Well, I think this is one of the most important aspects in terms of expectation setting, and it starts with and I think this is part of the good of having the innovators that push the boundaries sometimes too far, but it moves the expectation bar. I think part of the problem we’re really talking about is the consumer expectation is moving. There are programs and startups willing to go try and fill that expectation.

They need access to the financial service ecosystem and architecture. And there are luckily innovators like Cross River willing to fill that where I worry the expectation isn’t moving fast enough is what we need from regulators rather than just a series of consent orders to kind of say in the rear view mirror here. The guardrails and not all of them, right? They’re pretty wide set still, but at least we have some clarity of which cardinal direction we’re moving.

And the question, I think, becomes in this world, there’s so many financial institutions that I think are like shutting down. Like, I love the PTSD analogy, right, where the shutdown is real within a lot of organizations. And why don’t we start with the Crow team? How do you overcome this PTSD around innovation driven by consent orders where it’s like, I can’t do anything new? I can’t partner, even if that partner isn’t doing banking as a service, but third party equals bad.

How do we get over the PTSD to deliver on the consumer good? I mean, I’ve probably said it more times than I should so far in this discussion, Jason, but it gets back to strategy, right? It truly gets back to as an organization from the board down through management and through your product teams and through your risk management teams and your second line of defense, here is what our strategy is. I always think back to the session, Jason, that Crow did with LA Labs last summer on product X compliance. And this isn’t the regulators, but like, maybe it’s the inverse of this, where the risk and compliance people are sitting in the position of the anti-innovator when your product teams are innovating.

So just wanted to sort of bring those parallels to play. Like, I believe, you know, groups coming together to a common vision with a common language to a common outcome in a respectful, intentional, customer centric, risk aware way is the way that we will move that forward. And leveraging the second line of defense and the risk and compliance teams within your organizations to help you say yes.

I think that’s what it gets down to. And let them have conversations with regulators around what’s good enough. Use what we talked about a little bit earlier around minimal acceptable maturity or minimal defensible maturity to have those proactive conversations and to establish and align to risk appetite and tolerances across the organization.

And I’ll stop short of saying truly weaponize your risk management function. But if you can weaponize your risk management function in this scenario, you are in a competitive advantage. I mean, weaponize in a very positive sense.

Yes. Positive connotation, of course. I also think it’s important to remind them in a lot of the conversations we have that inaction is an action.

And so I think, too, there is an element that by, you know, OK, I’m not going to do this. I’m not. Well, that that is choosing a path to.

And is that the right choice for you? So I think that just kind of reminding them that they are making a decision by choosing to do nothing and spur that. OK, let’s not stop. Let’s think about how we can do this to align with our strategy in a way that makes sense.

It is not a riskless strategy, right? In fact, it might be doing nothing might be the riskiest strategy of all. I love that you just said that because I think sometimes we forget that exact piece where community banks are closing at the fastest clip in history. I mean, you’re talking about, you know, over the course of the last five or six years, we’ve lost 400 banks, right? You know, I think now we’re at 4700 and change.

Community banks are innovating again to meet the demand from the consumer and to sort of figure out what their business model should look like moving forward. And so inaction, while maybe a good strategy, I’m not sure is a good one. And I want to go back to what Jill said earlier and obviously his analogy about working for him for many years.

I’ve heard it many, many times about the stumbling block or the stepping stone. But I think that, you know, you’re seeing more and more as you look at the statements of bank CEOs post consent orders in the last couple of months, you’re going to hear more of the tone of Jill versus what you would have heard maybe two years ago. If you take a look at what Wendy at Piermont said or what Chris over at ThreadBank said, they’re like, look, we get it.

There was mistakes made. We can strengthen our systems. We could do better work.

Unfortunately, we had to get the guidance this way, but we’re going to do it. We’re committed to it. And they’re kind of doubling down on their efforts to fill those gaps and continue their business.

To me, again, they look at it and says we’re ahead of the game because the banks who haven’t even looked at innovation yet. Right. However, whatever, at whatever level, they’re not even close.

Right. And so I actually, you know, you give credit to those folks who have taken those first steps and you feel a little bit bad for the folks who are so afraid they haven’t done it yet. Think about where they’re going to be in four years and five years and 10 years, 10 years.

Arguably, you could say that they’re going to be gone. Well, since we are in tour de France and I have to use one of my favorite analogies, since so many banks love to say they’re more of a fast follower. The reality is, if you’re not even on the bike yet, like maybe not even in the peloton when there’s the breakaway, you’re not keeping up.

And we’re in a situation where a lot of banks are still on the side of the road, pumping up tires and everyone else is moving past them. That’s exactly right. And I think what we all need to be careful.

And so somebody might hear that, right. A CEO may be listening to this and say, oh, my God, I’ve got to get into it. I think everybody we say is read the consent orders.

Obviously, it’s sort of step number one. Step number two is move slow. There used to be this idea that you have to onboard.

How do we shorten onboarding? How do we tighten onboarding? How do we get onboarding quickly? How do we partner quicker? I think we have all realized that the slower, the better, right. Starting down that path is critical. But whether it’s whatever you call it, you don’t need to go into full on partnership as step one.

Getting more comfortable with innovation, I think, is step one. So what I mean by that is bank tech, efficiency tech, reg tech. I mean, there’s a number of tech innovations that you can sort of take on as a community bank to get yourself more comfortable without exposing yourself to any risk.

Just the opposite. It’s actually going to help you. It’s going to make you stronger.

If you look at certain reg tech companies are going to make your systems and programs stronger. That is sort of and I’ll use sort of the gateway tech to get to the to the next level. Yeah, and I think in addition, you know, that starting slow and getting started is key.

I think the other thing it kind of ties into Clayton’s point about weaponizing your risk management. But I think just not having this we’ll deal with it later mentality is important to like banks are good at managing risk. Generally, they are good at controls and processes.

And so I think, you know, they kind of just need to take what they’re already good at. Hopefully, probably they’ve been around and apply that to that. It is like riding a bike.

It might be a different bike. We’ll stick with the biking analogy. I don’t know how far we can take that.

But but, you know, but it is kind of using the same tools you already have in your tool belt, but applying it to something different. And then maybe it’s not as scary as it, you know, looks when you’re still pumping up your tires. But I mean, if you overlay the, you know, move slow to move fast for Phil’s one of my favorite phrases, right.

But the key is start moving. And Clayton’s earlier, the minimal maturity. And maybe you’ve hit the third leg, which is we have competence in this.

If we don’t bite off way too much to start, we know that we actually have the competence and the skills to remediate what comes up. The problem is when I would say, you know, what caused the biggest of all issues, you don’t have to be an expert in the field to look and say, bringing on that many programs with that speed in those programs themselves, growing at that speed. There’s no way that, you know, a traditional bank that’s getting into this business is going to be able to remediate that, right.

That is a fast moving forest fire. So then the question becomes, I think, one of scoping. I want to end there, right.

When we talk about this and Phil, I want to end with you. But Clayton, open to you and Mandy, how do you think about like, where does this idea like is the problem? Not so much risk management, it’s scoping the amount of risk we can take on and still remediate. And then, Phil, I want to close out with you saying at a macro view, how does the industry think about acceptable level of risk? I look, you hear this from me all the time, and I think you say the same thing.

We’re stronger together when we’re learning from each other. We’re understanding kind of the trials and tribulations of each other. I mean, you know, Jill is a good example.

And I remember right after they got their consent order, I reached out to their general counsel, Arlen, who’s fantastic. And I asked him, I said, would you talk to other banks? Like, you know, would you talk to them about what you what the process was? And he was eager to do it, right, because I think we all recognize that the ecosystem is sort of like a rising tide raises all ships. And I think you find that a lot in this ecosystem.

And so, you know, working together is critically important. But more, you know, on top of that, right, in addition to talking to each other, we’ve got to do a better job as an industry. And we talk about this all the time.

Right. Number one, the concept of that, is that the right way to sort of is that the right way to label this industry? Is that the right way to label the banks? You know, how does that view by regulators and how do they they understand that and embrace that term? And I think that we’ve got to do a better job as an industry of taking the opportunities to explain what we’re doing, to engage with the regulators, to engage with our policy makers. And, you know, going back to your question is for every single bank, you know, risk is going to be different.

Right. You know, you’re you know, it’s a question of really being thoughtful about what you and your size can take on and can handle. But don’t you know, this idea when I you know, the concept is is what you should feel comfortable doing what you can do organically.

If you’re doing something that is so outside of your comfort zone, then you probably shouldn’t be doing it. Right. And so you need to engage in innovation.

But if you go past the organic movement and you feel like you’re making a hard turn or a hard left turn, I mean, again, we’re going to go back to the cycling. Right. You want to make a soft turn.

You make a hard turn. You can end up falling off your bike. And so if you feel yourself sort of veering too far right or too far left, you probably should reassess sort of the engagement and the nature of your engagement and take it a bit slower.

But there’s no one size fits all. You’re going to learn more from others as part of our membership. We have, you know, we have banks with assets below 100 million and we have banks with assets above 30 billion.

They’re both going to take on sort of risk in a different way and sort of consume it in different way. But hopefully we’re all moving towards the same way, the same path. Well, protein, let’s close on that for a second.

This idea of comfort zone. I’d say the majority of banks have trouble even drawing a big enough box to get out of. And there are those who leap outside of the box.

How do we keep that balance that Phil was talking about that? And I think we should probably come out of how do banks get comfortable expanding the box that they need to play into? Mandy, maybe start with you. Yeah, well, to some extent, I mean, I’ll steal from Clayton’s line earlier. It really comes back to being aligned with your strategy and your core competencies.

I mean, I think, you know, Giles did a great job of kind of teeing up that they were laser focused on what do their customers need and how are they uniquely positioned to meet that need. And so I think just starting with some of those basic conversations of, hey, how are we going to stay relevant? What is it that our customers are asking for? Well, let’s start there. That feels pretty comfortable.

We’re not going out and doing something we’ve never done before. Clayton, I don’t know if you have anything you want to add. I think measure it, right? Like, let’s say what good looks like.

Let’s create the metrics. Let’s make sure that the data feeds the metrics. Let’s report those up through our governance structure, from management through the board of directors to say, this is what we want to be.

This is who we are. This is how we’re going to demonstrate that this is who we are. And when we get close to tolerance or we get close to being out of our comfort zone, we take it.

We take action and we commit to getting back into it. I love it. As we come to a close, the great quotes episode that this is, Steve Blank, where facts lie outside of the building.

We’re going to quit debating this. We’re going to start doing it. We’re going to measure it.

Let the results guide us. I think that brings us right back to what Gil talked about. It’s like we’re either going to hit stumbling blocks or stepping stones as we get in that.

We’re not going to find those by sitting in a conference room talking about it. Thank you all for joining today. Great talks about resiliency in the changing ecosystem.

Look forward to revisiting this in a year and looking back and saying how much has changed or what would we say over again? That’s it for another week of the world’s number one fintech podcast and radio show, Breaking Banks. This episode was produced by our U.S.-based production team, including producer Lisbeth Severance, audio engineer Kevin Hirsham, with social media support from Carlo Navarro and Sylvie Johnson. If you like this episode, don’t forget to tweet it out or post it on your favorite social media or leave us a five-star review on iTunes, Google Podcasts, Facebook, or wherever it is that you listen to our show.

Those actions help other people find our podcast and in return, that helps us build an audience that can be supported by sponsorship so we can continue to provide you with our award-winning content every week. Thanks again for joining us. We’ll see you on Breaking Banks next week.

[shows-menu]