Regulatory compliance: The new frontier for nonbanks

Adapting to regulatory shifts: With evolving regulatory priorities under the new administration, nonbank financial institutions should remain vigilant about changes impacting their products and services. This presents a strategic opportunity to reassess and strengthen the foundational elements of risk management across the organization, facilitating broad and effective risk mitigation strategies.

Things nonbanks should know

The Trump administration has appointed new regulatory leaders and is focused on deregulatory efforts, including rolling back or potentially overturning several of the previous administration’s regulatory initiatives. While a more permissive regulatory environment is expected, changes to financial supervision typically come more slowly. Nonbanks should still focus on addressing existing regulatory findings and improving risk management and controls.

Things nonbanks should consider incorporating

Engage your legal team to understand the regulatory landscape and its direct implications for your organization based on the products and services offered: 

• The Consumer Financial Protection Bureau (CFPB) has been subject to numerous industry legal challenges over the agency’s rulemaking agenda, including those related to credit card late fees; buy now, pay later (BNPL); and open banking. 
• On May 12, 2025, the CFPB formally revoked 67 different documents covering interpretive rules, policy statements, and advisory opinions.¹
• While a regulatory “rollback” or “slowdown” may shift agency oversight, significant changes tend to occur gradually. Nonbanks must continue to meet foundational compliance requirements during this transition period.

Prioritize “rightsized” risk management strategies to navigate the evolving regulatory landscape. Despite potential changes, maintaining a focus on foundational risk management principals is crucial.

• Focus on resolving outstanding supervisory issues and demonstrating sustainable remediation efforts.
• Prioritize robust governance, risk management, and compliance management systems (CMS) to facilitate long-term resilience and regulatory adherence.

Build a compliance culture across your organization positioning compliance as a strategic asset. A strong compliance culture not only prioritizes the customer, but also supports a conscientious control environment, reducing customer dissatisfaction and complaints, and ultimately benefiting the bottom line.

• Establish a top-down approach to embed compliance into your organizational ethos, determining that customer-centric values are prioritized across all levels.
• Integrate compliance objectives into your organization’s strategic framework, securing alignment and support from stakeholders. 
• Implement proactive risk management and a mature monitoring and testing program to swiftly identify and address gaps. Consider compliance implications when planning target-state goals for efficiency (e.g., avoid retroactive assessments that will delay initiatives and increase both operational cost and stakeholder burden).

Read more about this topic:

• 2025 Banking Regulatory Outlook

1. Consumer Financial Protection Bureau (CFPB), “Interpretive rules, policy statements, and advisory opinions; withdrawal,” Federal Register, May 12, 2025.

Navigating opportunities and compliance in digital assets: The new administration’s permissive approach to digital assets may open new opportunities for nonbanks at the federal level. In the interim, nonbanks should be prepared to navigate varying state rules and consider in regulatory efforts to facilitate compliance across different jurisdictions.

Things nonbanks should know

As the Trump administration continues to develop its policy approach, a more favorable regulatory environment may be expected for the financial services sector. Global jurisdictions have taken the lead in the implementation of tailored rules for digital assets, and the United States (US) may feel the pressure to respond to maintain competitiveness. Lawmakers are working with the administration on legislation aimed at developing further clarity regarding the status of digital assets and providing a federal regulatory framework for the industry. In the meantime, several states have developed their own licensing regime and tailored rules for digital asset firms engaged in trading, custody, and mining activities.

Things nonbanks should consider incorporating

President Trump issued an executive order on January 23, 2025, aimed at advancing digital assets by forming an interagency group to “promote US leadership in digital assets and financial technology.”

• A focus area will be developing a federal regulatory framework for the issuance and operation of digital assets, including stablecoins, within the US.

In the interim, nonbanks should stay abreast of state requirements and clearly understand their implications for the organization.

• With the absence of federal legislation, many individual states are establishing their own reporting and licensing structures. Nonbanks may need to enhance regulatory efforts to maintain compliance with varying state rules by:
  • Assessing state requirement applicability across the organization.
  • Developing regulatory tracking mechanisms to promptly identify and implement changes in state guidance.

State requirements for nonbanks may include the following:

• Licensing requirements: Obtain a money transmitter license (MTL) or a digital asset business activity license at the state level.
• Compliance and reporting: Comply with anti-money laundering (AML), know your customer (KYC), and transaction monitoring requirements. 
• Consumer protection: Disclose specific information to consumers, such as fees, risks, and terms of service. Further, providers are often required to maintain certain levels of capital and determine that customer funds are adequately protected.
• Cybersecurity: Implement strong measures to protect customer data and digital assets. In case of data breaches or cyber incidents, providers must report these to the relevant authorities promptly.

Read more about this topic:

• Digital Assets Banking and Capital Markets Regulatory Digest

Shaping the future of payments: As the payments industry undergoes rapid transformation driven by evolving customer preferences and technological advancements, nonbanks should strategically navigate emerging trends to enhance customer experiences and maintain compliance.

Things nonbanks should know

The payments industry continues to experience rapid change, with new players continuing to emerge. Payment providers are aiming to improve the customer payment experience and provide more options for faster, easier, and safer payments. For example, we have seen an increase in businesses embedding payment options into a customer’s checkout experience. One of the primary drivers of change is changing customer preferences and “how and why” customers choose to make a payment.

Things nonbanks should consider incorporating

1. Cash finds its floor: Consumers use credit cards, peer-to-peer (P2P), and other digital payments more frequently as checks move toward extinction and cash finds its floor.
2. Regulators bring nonbanks into the fold: As noted in the summaries above, nonbanks continue to face regulatory scrutiny. The rapidly changing environment and the increase in compliance requirements may cause some nonbank players to exit the market.
3. BNPL moves to industry sectors: BNPL and other digital payment options will expand into new sectors like housing and utilities, grocery, car payments and repairs, and travel, especially as consumers battle inflation and focus on nondiscretionary spending.
4. Integrated software vendors (ISVs) increase their hold on small and midsize businesses (SMBs): SMB merchants gravitate to ISVs for operational simplicity and provide pre-integrated payment rails, including consumers’ go-to digital wallets.
5. AI drives fraud prevention to newer dimensions: AI-driven fraud models will likely expand to better consider consumers’ digital identity and personalized spend insights.
   • AI adoption continues to accelerate, and nonbanks should consider investing in AI capabilities, especially from a fraud perspective.
     • AI has a prominent use case on both sides of the fraud landscape—from AI-driven scams by fraudsters to AI-driven defense practices by organizations.
     • Deloitte’s Center for Financial Services predicts that Generative AI could enable fraud losses to reach $40 billion in the United States by 2027, up from $12.3 billion in 2023.² 
     • Nonbanks can combat the increased complexity and velocity of fraud by leveraging AI to develop faster detection models and to gain insights into emerging fraud trends and networks.
   • Leveraging AI to combat fraud.
     • AI advancements enable nonbanks to both improve fraud detection and limit false positives, which can facilitate a smooth customer experience and limit instances of lost payments. 
     • A customer’s digital identity, or the full range of data produced by their activities on the internet, is a key input to enabling fraud detection and prevention through AI. 
     • The integrity and accuracy of each customer’s digital identity are principal to fraud detection and prevention improvement.

AI can support the aggregation and analysis of customer insights, such as spending patterns. These data points can be used to aid behavioral analysis integrated into fraud models and ultimately determine the likelihood of a customer making a certain transaction.

Read more about this topic

Payments Industry Trends | Deloitte US

2. Zachary Aaron et al., “Shaping the future of payments: Trends and insights for 2025,” Deloitte, 2024.