US Export Plan - Sector Report - FinTech

Policy and regulation considerations

The US financial regulatory system is unique. It operates on a dual framework where both federal and state authorities have jurisdiction over financial services.

Regulatory scrutiny is shaping the FinTech landscape, particularly around sponsor-bank partnerships that many FinTechs rely on for banking access. The increasing oversight from agencies such as the OCC and FDIC is creating barriers to entry, favouring firms with established regulatory compliance structures. This evolving environment puts pressure on FinTechs to not only innovate but also to meet more stringent operational and compliance standards. Consequently, companies with robust governance and established banking relationships are better positioned to navigate this shift. This regulatory climate, while challenging, also acts as a competitive conduit for well-prepared firms^[32].

For Scottish exporters there are some key considerations before entering the market, most of which are at the federal level. However, sandboxes and certain licences vary by location.

• Key Federal agencies in the US for the FinTech field include: Consumer Financial Protection Bureau (CFPB) for consumer protection and fair lending, Securities and Exchange Commission (SEC) for securities and investment products, Office of the Comptroller of the Currency (OCC) for national banks and FinTech-bank partnerships, Federal Trade Commission (FTC) for consumer protection and competition, Financial Crimes Enforcement Network (FinCEN) for anti-money laundering (AML) and Bank Secrecy Act (BSA) compliance. Regulatory audits are also a routine aspect of operating within the U.S. financial sector.
• Bank Secrecy Act (BSA) and Anti-Money Laundering (AML) Requirements: FinCEN enforces the BSA, requiring financial institutions, including FinTech firms, to implement AML programs, report suspicious activities, and maintain certain records.
• Consumer Financial Protection and Security Laws: The CFPB enforces various consumer protection laws, such as the Truth in Lending Act (TILA) and the Fair Credit Reporting Act (FCRA) to ensure transparency in consumer financial products and services, including lending and credit reporting. FinTech services involving investment products or securities, should comply with SEC regulations, such as registering as a broker-dealer or investment advisor and adhering compliance aimed at the protection of investors.
• Federal Data Privacy Laws: Although the US does not have a comprehensive federal data privacy law, several laws, such as the Gramm-Leach-Bliley Act (GLBA), set standards for financial institutions. Compliance involves safeguarding sensitive information and notifying customers about your data-sharing practices.^[33]
• State-specific licensing requirements: Most states require FinTechs to obtain Money Transmitter Licenses (MTLs) for businesses that handle money transfers, payments, or virtual currencies and comply with state-specific consumer protection laws, which vary widely. For example, New York’s Department of Financial Services (NYDFS) has stringent rules for virtual currencies and cybersecurity. Many states also require a lending license for business models involving lending. Although requirements differ depending on the state, they generally involve proving financial soundness, enforcing strong consumer protection practices, and complying with interest rate limitations²⁶.

Additional consideration should also be given to specific state-level regulations and implementation approaches. For example, California have implemented robust data privacy regulations like the California Consumer Privacy Act (CCPA) and other California-specific requirements to doing business within the FinTech sector include: a regulatory licensing regime, including disclosure of digital financial asset business plans, ownership, and other items; requirements regarding surety bonding and use of electronic Nationwide Multistate Licensing System & Registry (NMLS) filing; and clarifying regulatory language for exemptions related to incidental Money Transmission Act activities.^[34]

Positively there are also a number of federal-level initiatives and bilateral agreements that can benefit FinTech companies entering the US. Examples include:

• UK-US Financial Regulatory Working Group (FRWG): Biannual dialogue between the UK’s HM Treasury and the US Treasury to deepen regulatory cooperation, enhance financial stability, and promote investor protection and efficient markets^[35]. The FRWG also provides an important channel for promoting the UK financial services sector internationally, offering opportunities to raise the profile of Scottish FinTechs and increase their visibility within the wider US regulatory and industry landscape.
• Transatlantic Taskforce for Markets of the Future (2025): Established in Sept 2025 by HM Treasury and the U.S. Treasury to boost collaboration on capital markets, digital assets and innovative financial activities^[36].
• Proposed UK–US Joint Crypto Regulatory Framework: Discussion are underway to create a shared regulatory sandbox for digital assets that would enable FinTech firms to test products under joint oversight, reducing duplication of compliance efforts^[37].
• Scotland–North America FinTech Gateway: Launched by FinTech Scotland and Scottish Enterprise, it equips ‘export ready’ FinTech firms targeting the US with market intelligence, networking and incentives^[38].