Experts in Financial Services Regulation



Thought Leadership


The Value of Regulatory Diligence in Fintech Mergers and Acquisitions

Fintech companies can be difficult to value. Unlike their non-financial counterparts, fintech companies are subject to extensive regulation that governs many aspects of their operations and activities. As a result, valuation requires not only evaluation of traditional metrics, such as macroeconomic factors and interest rate risk, but also consideration of firm-specific measures related to regulatory compliance. This article explores the relationship between firm value and regulatory risks and proposes a framework for making valuation adjustments in the context of a hypothetical mergers and acquisitions (“M&A”) deal involving a fintech company.    

Regulatory Due Diligence

Due diligence is an opportunity to uncover areas of potential risk, liability, or concern associated with a M&A transaction. The diligence process generally consists of two phases. In the first phase, the prospective acquirer prepares a preliminary valuation of the target based on financial assumptions and projections. In the second phase, the acquirer verifies its assumptions and projections to make valuation adjustments. For regulated financial services firms, regulatory due diligence supports both phases of diligence to enable a prospective acquirer and target to identify and address regulatory concerns that could materially impair firm value.

Regulatory Valuation Adjustments

Regulatory due diligence differs from other areas of diligence as it goes beyond standard items, such as insurance claims and pending litigation, to more fully evaluate regulatory matters that may implicate a government enforcement action or investigation.  

The simplified example that follows demonstrates how regulatory adjustments flow through the valuation model of a hypothetical small-to-medium sized fintech to impact its purchase price. Assume that the hypothetical fintech target engages in online lending and loan servicing, and that its revenue consists primarily of transaction fees, servicing fees, interest income, and other revenues. Before conducting regulatory diligence, a discounted cash flow (“DCF”) analysis of the fintech yields a preliminary total enterprise value (“TEV”) of approximately $160.26 million.

Following diligence, the acquirer discovers that aspects of the fintech’s loan servicing operations run afoul of state lending regulations. The acquirer further learns that the fintech target is soon to undergo a state regulatory examination of its consumer lending platform. Based on this information, the acquirer determines that the examination will likely result in a civil money penalty (“CMP”), or civil punitive fine from regulators, against the target. Accordingly, the acquirer makes valuation adjustments to its initial valuation to account for the CMP.

To determine the amount of the valuation adjustment, the acquirer and its advisers review similar enforcement actions, comparable settlements, servicing agreements, and correspondence between the fintech and state regulators, among other things. Based on this information, the acquirer projects that the fintech target will likely enter into a $500-to-$700 thousand-dollar settlement during the Year 2 of the valuation forecast period.

After making the valuation adjustment for $600,000 in Year 2, the new valuation yields a revised TEV of $66.99 million, or an approximate loss of 56.33% in firm value. Notably, this valuation adjustment also does not measure related items, such as additional compliance costs, possible follow-on regulatory actions (civil and criminal), possible private actions, reputation damage, loss of goodwill, and other intangible impairment.

Risk Mitigation

The above example shows how significantly regulatory issues can affect the value of a regulated firm. To protect themselves, parties can use contractual tools to allocate for known (and unknown) regulatory risks.

These tools include: (1) representations and warranties; (2) indemnification; and (3) insurance policies.

Representations and Warranties. Representations and warranties involve a party making a representation or warranty regarding its knowledge of certain risks regard its business, including regulatory risks. A breach of a representation or warranty can, respectively, give rise to damages that include the right to void a contract and rescission damages, as well as breach of warranty remedies.

Indemnification and Insurance. A party making a representation or warranty may also agree to indemnify and defend the other party in the event its representation or warranty fails. Indemnification, however, relies on the financial wherewithal of the party promising to indemnify the other. As a result, parties might additionally agree to set aside a specified amount in escrow (pending consummation of the transaction), adjust the purchase price for regulatory deficiencies, or purchase separate insurance to cover regulatory risks. Insurance policies purchased should also cover non-regulatory elements, such as director and officer liability, employment practices, and intellectual property infringement, among other things.


Regulatory risk is pervasive in all M&A transactions involving regulated financial services entities. As the pace of financial innovation rapidly progresses, new forms of regulatory risk will emerge and often accompany new business opportunities. To avoid a damaging outcome, acquirers should conduct comprehensive regulatory due diligence on target firms and internally review their own regulatory risks before commencing any transaction.  

This article was originally published in Banking Technology.