Regulation of FinTechs and MedTechs: Challenges for Investors

Locations

Germany

Investing in technology-driven start-ups offers opportunities, but also specific risks – especially when it comes to companies in regulated industries such as FinTech or MedTech.

It is crucial for venture capital investors to identify regulatory requirements at an early stage and to incorporate them into the evaluation and structuring of an investment. This article highlights the most important regulatory pitfalls and provides guidance on what investors should pay particular attention to. 

Why is regulation an investment issue? 

Regulation not only influences the market approval of a product or business model, but also its scalability, time-to-market, and exit potential. In the worst case, missing licenses, unclear responsibilities, or undocumented compliance processes can lead to fines, operating bans, or reputational damage – and thus significantly impair the value of an investment. 

FinTech: Licensing requirements and supervision 

FinTechs often operate within the scope of the Payment Services Supervision Act (ZAG), the Banking Act (KWG), or the Securities Trading Act (WpHG). Typical questions: 

Is a license required from BaFin? 
Many FinTech business models – e.g., payment services, e-money, lending, or investment brokerage – require a license. Failure to obtain a license may even result in criminal penalties (Section 54 KWG). 

Is a license partner used? 
White label or fronting models are common, but they involve dependencies and reputational risks. 

Is there a functioning compliance and risk management system in place? 
BaFin expects clear processes, especially in the areas of money laundering prevention, data protection, and IT security. 

How is communication with the supervisory authority documented? 
Transparent communication with BaFin is a positive sign, while a lack of communication or conflicting statements are warning signs. 

MedTech: Approval, MDR, and data protection 

MedTech companies are subject to the European Medical Device Regulation (MDR) and national regulations. The following points are particularly relevant for investors:  

Is the product classified as a medical device – and if so, in which risk class? 
The classification determines the scope of the regulatory requirements and the duration of the approval process. 

Does the product have CE marking or is this in preparation? 
Without CE marking, a product cannot be placed on the market – delays in the approval process can significantly hinder scaling. 

How is the handling of health data regulated? 
MedTechs often process particularly sensitive personal data. Compliance with the GDPR and, where applicable, the Digital Health Code is critical.  

Are there any clinical trials or post-market surveillance processes? 
These are mandatory for many products and should be documented and traceable. 

Conclusion 

Investments in regulated companies require a special degree of legal and regulatory due diligence. A thorough review of the licensing situation, compliance structures, and regulatory roadmap is essential for investors – not only to minimize risk, but also to ensure exit viability. 

Are you planning to invest in a fintech or medtech company? We can support you with regulatory due diligence, the evaluation of licensing models, and the structuring of legally compliant investments – with in-depth industry knowledge and many years of experience. 

Areas of Expertise

Venture Capital