Crescent is compliance-first for their customers. Here’s why

How strong are your fintech partners’ compliance programs?

Ninety-three percent of fintech compliance professionals say they struggle to meet today’s regulatory requirements, according to Alloy’s 2023 State of Compliance Benchmark Report.

The survey revealed that more than 60% of fintech organizations were fined at least $250,000 for non-compliance in 2022 alone.If software procurement is part of your role as a finance leader, it’s crucial to choose partners that prioritize regulatory compliance. 

That’s Crescent. We were created with a focus on regulatory compliance first. And we operate and grow the same way because our compliance-first approach to everything mitigates risk and protects our customers.

COMPLIANCE FIRST

Fintech compliance needs are rapidly changing.

Tech innovation has increased the number of scenarios that require rules to protect all parties. Thomson Reuters’s annual Cost of Compliance Survey reveals that the volume of regulatory updates is today’s top challenge for compliance officers. Complicating matters further, 73% of those compliance officers say they anticipate an increase in the number of regulatory changes their teams must manage.

But even with all the new regulations, policymakers aren’t keeping up with technological changes and the processes they enable. New tech will continue to create new risks that compliance teams and regulators alike must address.

Ron DiGiacomo, Crescent's compliance consultant, saw this firsthand when he was the Chief Compliance Officer, Consumer Banking at JPMorgan Chase and the Executive Vice President and Deputy Chief Compliance Officer, Consumer at Wells Fargo.

“Fintechs must build appropriate controls — including processes, procedures, people, and technology — to make sure that they comply with all the sponsor bank’s legal and regulatory requirements,” he says. “It’s helpful to think of a fintech as an extension of the bank partner.”

Many business owners, for example, don’t realize that the Federal Reserve and CFPB recently adjusted the Availability of Funds and Collection of Checks (Regulation CC) thresholds. Starting July 1, 2025, the amendment increases to $275 the amount that has to be made available from a check deposit and increases other threshold amounts in the rule. This and many other new laws and rules need to be identified, assessed, and controlled to avoid violations.

Everyone is impacted when regulators have to hold banks accountable for fintechs’ mistakes. In 2023, the FDIC issued an order against a bank after its fintech partner violated laws. Beyond paying fees, the bank is now required to substantially tighten their compliance management program – and provide documentation that they’re keeping it updated.  

CRESCENT TAKES AWAY COMPLIANCE BURDENS

Small businesses and technology startups need their finance tools to comply

Some fintechs facilitate transactions between sponsor banks and their commercial users — companies that engage the tech tools as powerful solutions to finance operations. This user group in particular suffers when their fintech partners violate laws because the fintech’s noncompliance often results in a broken business relationship. At that point, companies are back to square one, searching for new technologies.

Finding a new fintech solution with stronger compliance and banking relationships can involve many costs. Some of them may not even be on your radar until you’re faced with them: 

- Early termination fees
- Time and resources spent vetting and procuring new solutions
- Implementation and integration costs, often involving consultants, configuration experts, and data migration
- Employee re-skilling and training, including a change management process to update workflows

Forcing end users to move banks and partner relationships sours would-be markets for fintechs. It’s tempting to believe fintech leaders prioritize compliance to avoid fines, but the Alloy survey shows that’s not their most motivating concern. The top reason fintechs say they want to be compliant is to preserve customer confidence and prevent the reputational damage that results from violations. 

“Moving those relationships aggravates teams. It's a big disruption, it's a lot of work, and it's costly,” says Ron. “If Crescent complies with all the laws, and the bank is doing its oversight in accordance with its third party oversight responsibilities, then key relationships should continue uninterrupted.”

OPERATIONAL COMPLIANCE 
AT CRESCENT

3 ways Crescent operates compliance-first

To stay compliant, Crescent has strict standards, policies, and procedures in place. Unlike Crescent, there are fintechs that are product-first rather than compliance-first. Fintechs that deprioritize compliance are at higher risk of violating laws. Prior to developing a product, a fintech must develop compliance policies, procedures, and internal controls. To envision why, imagine a builder who offers you a house with walls and a roof but without a foundation. It may look identical to neighboring homes — until a heavy wind blows.

‍
When vetting fintechs that claim to be compliance-first, software procurement teams need to know what to look for. Here are a few ways Crescent’s dedication to compliance manifests:

1. Crescent commits to knowing current regulations and new amendments

At Crescent, we stay ahead of the requirements instead of reacting to them once they’re enforced. A common myth is that most regulatory changes are dropped on unsuspecting banks and fintech organizations, but that’s not the case.

Regulatory agencies propose rules and solicit comments and feedback before the rules go into effect. They even reevaluate long-standing laws to mitigate the regulatory burden.

“People may know that it’s the banks’ responsibility to understand all the risks of offering products and services to customers,” says Ron. “But fintech partners also must know these risks and build the appropriate controls for compliance.”

Because regulators provide advance notice of regulatory changes, we can review our systems and, if needed, change them before new standards go into effect. We update our processes and test them to ensure that our tool’s app and service can continue without disruptions or deterioration. 

At Crescent, we stay ahead of the requirements instead of reacting to them once they’re enforced. A common myth is that most regulatory changes are dropped on unsuspecting banks and fintech organizations, but that’s not the case.

Regulatory agencies propose rules and solicit comments and feedback before the rules go into effect. They even reevaluate long-standing laws to mitigate the regulatory burden.

“People may know that it’s the banks’ responsibility to understand all the risks of offering products and services to customers,” says Ron. “But fintech partners also must know these risks and build the appropriate controls for compliance.”

Because regulators provide advance notice of regulatory changes, we can review our systems and, if needed, change them before new standards go into effect. We update our processes and test them to ensure that our tool’s app and service can continue without disruptions or deterioration. 

2. Crescent invests heavily in compliance controls and procedures

Crescent’s CEO Grant Roscoe consistently prioritizes quality over cost savings. Whenever we’ve encountered a choice between lower-cost processes with lax compliance and higher-cost, tighter processes, we’ve always spent more for the better option.

At inception, all of Crescent’s leaders invested strategically. They chose to defer growth early on so they could focus on compliance. Rather than take a profit quickly, they brought in compliance consultants like Ron to inform our processes and build our internal reporting capabilities. Building these foundational processes took time, but now we’re nimbly moving through product improvement, customer success initiatives, and market penetration work.

In practice, these measures manifest in our processes. We actively protect against terrorism financing and money laundering, relying on robust Customer Due Diligence (CDD) processes and Bank Secrecy Act (BSA) specific measures, for example. Crescent also employs tools like Alloy. “Alloy provides tools for compliance with BSA and CIP requirements,” says Ron. “It’s one of many examples of procedural and technological investments that Crescent has made to comply with the very stringent legal requirements that a bank must follow.

”Perhaps most painful (yet telling) of all has been Crescent’s decision to turn away potential high-value clients who pose a risk to the compliance program. Sacrifices like this make it clear: We’ll continue ensuring the good standing of the business rather than grow quickly at all costs.

3. Crescent chooses compliance-first vendors

Performline’s State of Marketing Compliance Report revealed that 60% of fintechs don’t monitor all of their third-party vendors for compliance. At a compliance-first organization like Crescent, this negligence would never fly. We ask prospective vendors hard questions, and once engaged, we require routine updates on how they navigate enduring standards and new regulatory updates.

“Grant particularly has pursued vendors that will help Crescent comply,” says Ron. “Crescent goes above and beyond expectations to make sure that their partners are committed to compliance, which is very important.

”Compliance creates a distinct competitive advantage for us at Crescent when business customers realize they can rest easy. Because our business customers know that the products and services we provide comply with the law, they can focus on strategic decision making to grow their own organizations, rather than waste time wondering or investigating whether they can trust the fintech they have engaged.

We’re taking responsibility early and often by extending our high standards to our vendors. It’s just another expression of who we are.