The case of Flutterwave recently rocked the Kenyan fintech space. The Asset Recovery Agency levelled claims of fraud and money laundering against Flutterwave. In court documents, the Agency asserted that Flutterwave bank accounts received billions in a suspected scheme of money laundering and the same deposited in different bank accounts to conceal or disguise the nature, source, location, disposition or movement of the said funds. The High Court went ahead to freeze several bank accounts held by Flutterwave following the allegations by the Asset Recovery Agency.

The Asset Recovery Agency began investigations after noting suspicious activities and transactions. It also pointed out that Flutterwave operated in Kenya without a valid license from the Central Bank of Kenya (CBK).

Flutterwave is a fintech company that provides a payment infrastructure for global merchants and payment service providers. Launched in 2016 as a Nigerian and US-based payments company with offices in Lagos and San Francisco, Flutterwave helps businesses build customizable payment applications through its APIs.

Flutterwave and other similar fintechs work with financial institution partners to collect and pay on behalf of merchants and corporate entities. In the process, fintechs earn their fees through transaction charges.

Regulation of fintechs in Kenya

There is no overarching fintech regulatory framework in Kenya. However, fintechs such as Flutterwave that operate in the payments ecosystem are regulated and licensed by the Central Bank of Kenya under the National Payment System Act. Banks, on the other hand, are licensed and regulated by the CBK under the Banking Act.

Despite the lack of an overarching fintech regulatory framework, fintechs licensed as payment service providers in Kenya are required to screen transactions to comply with anti-money laundering laws. However, banks still hold the primary responsibility and risk for compliance in bank and fintech partnerships.

Banks need to be able to establish the integrity of their third-party vendor management systems to demonstrate their fintech partners are, in fact, in good condition and healthy enough to provide the services the bank is contracting.

A key responsibility of fintechs in bank partnerships has always been to enable their partner bank meet their regulatory requirements, including compliance with KYC/AML requirements, transaction monitoring and data security. Banks and fintechs will have to strengthen their trust in each other.

Building a “trust” partnership

Banks must communicate their regulatory requirements to their fintech partners and monitor compliance. In the same vein, banks also have to trust the fintech partners will follow the regulations. 

The case of Flutterwave reinforces the need for financial institutions to foster better working relationships built on trust. To mitigate the risks of financial and reputational implications, banks and fintechs should hire competent compliance people, have regular communication, and respond quickly to compliance matters.