Change Management

These changes are expected as part of your lifecycle, but also require bank approval - particularly for anything that has a material impact to the company, your customers, or your product. This is a crucial part of a controlled change management process and helps protect you and your bank from various risks and regulatory compliance matters. Rolling out changes without adequate approval will expose the partnership to regulatory issues and can be audited after the fact. The following are examples of changes that require approval:
  • New or change to product or features
  • New lending product or savings product
  • Add-on features such as early wage access
  • New payment rail e.g. wires
  • Interest on checking / savings
  • Annual Percentage Rate (APR) changes on a credit product
  • Fees
  • New or change to customer base
  • Targeting consumers instead of just business and vice versa
  • Change to geography offered
  • Offering accounts to customers that are non-US residents
  • Critical vendor
  • Adding / replacing a risk and compliance vendor such as fraud or KYC
  • Adding a vendor that has access to PII information of your customers
  • Vendor that otherwise has a large impact to the company’s operations or customers
  • Account agreement / disclosures
  • Note that changes resulting in a change to the account agreement for consumers generally requires a 30-day notice
  • Customer promotion / bonus program
  • Referral program, promotional interest, cashback, etc.
Other ChangesOther key changes such as requests to change payment limits, fraud rules, and marketing undergoes a separate process. Marketing change requests should generally flow through a Marketing Case and comply with your Marketing Policy and general standards.

Bank Notification and Change Process

Banks must be notified of the change. The following key steps should be performed:
  1. Perform internal diligence alongside your Compliance Officer and/or legal to define the change and any necessary compliance requirements
  2. File an ‘Information Request’ case within the Synctera console addressed to the bank
  3. Complete a Change Management memo with supporting detail and attach to the case
  4. Attach supporting files or details to the case
  5. Meet with the bank and/or Synctera as necessary to scope out the change or to discuss requirements - this may include discussion with Synctera’s Product / Solutions Consulting team and with Sales to ensure contractual changes are made, if necessary
  6. Once approved, conduct final testing before launch

Change Management Memo

A change management memo serves to document and describe the change requested and demonstrates your understanding of the change, the impact to your customer base, and the associated risk and compliance requirements. This helps the bank document the request and to undergo its internal approval processes. It is important to put together a comprehensive memo and internal review to reduce unnecessary back-and-forth. It is also your program and your Compliance Officer’s responsibility to understand the base compliance requirements as a first line of defense. The following information should be provided to the bank through the Synctera platform:
  • Summary and Plan
  • Brief summary including change, purpose, audience
  • Proposed start and end dates
  • Customer notification timeline (if applicable)
  • Testing or beta phase (if applicable) - specify details including scope and timing
  • If the change involves customer payouts such as bonus programs, describe funding allocated toward the initiative
  • Risk and Controls
  • Inherent risks
  • Controls being implemented including policies, procedures, processes, reporting / monitoring tools, assessments, controls testing, legal reviews, training
  • Legal Review
  • Details of any legal review performed of the change including changes to terms and conditions or impacts to state/federal laws
  • Customer Impact
  • Any changes regarding personal information collection and privacy notice / policy
  • Monthly statement or disclosure changes
  • Disputes process changes
  • Additional Evidence
  • Additional evidence may be required depending on the type of change requested such as a completed third party risk assessment, legal memo, updated draft of terms and conditions, draft marketing/advertising materials
Regulatory Impact of Change ManagementThere have been instances of Sponsor Banks being cited by regulators for not having sufficient controls around new products and changes via their Fintech partners. This can often disrupt the flexibility and efficiency of future changes. As a result, it is critical that you take an active and documented role in enabling controlled changes and to avoid cutting corners.