Fintech companies handle money on behalf of customers—whether it’s stored funds, unclaimed refunds, dormant accounts, or balances from closed services. Under state unclaimed property laws, if that money sits inactive for a statutory period (typically three to five years), the company must report and surrender it to the appropriate state treasurer. This is not optional.
Unclaimed property compliance is a legal obligation that fintech firms often discover too late, after accumulating years of unreported balances and facing audit penalties, interest, and restitution demands that can reach six or seven figures. The compliance burden is substantial because it requires fintech companies to identify dormant accounts across different product lines, match customer data with state records, calculate the correct dormancy threshold, file reports to multiple states, and maintain detailed documentation for audits. A fintech startup that manages payment accounts, stored value, or customer deposits faces the same obligations as a legacy bank, but often with far less compliance infrastructure in place. One fintech lender discovered during a state audit that it owed over $2 million in unclaimed funds and penalties from customer refunds it had held without tracking dormancy dates—a liability that nearly forced a capital restructuring.
Table of Contents
- What Are Fintech Companies Handling That Triggers Unclaimed Property Laws?
- How Dormancy Periods and State Laws Create Compliance Complexity
- The Escheatment Process: What Happens to the Money
- Building and Maintaining a Robust Compliance Program
- Common Compliance Failures and Audit Triggers
- Documentation and Record-Keeping Requirements
- Working with State Treasurers and Handling Customer Claims
- Frequently Asked Questions
What Are Fintech Companies Handling That Triggers Unclaimed Property Laws?
Fintech companies generate unclaimed property in ways that many founders don’t initially recognize. Any balance that a customer doesn’t reclaim—whether it’s a refund held in escrow, a payment account with an inactive user, a stored-value card with a forgotten balance, or merchant settlement funds awaiting pickup—can qualify as unclaimed property. Peer-to-peer payment apps, gig economy platforms, cryptocurrency exchanges, buy-now-pay-later services, and digital lending platforms all hold customer funds in trust, and all must comply with unclaimed property laws. The definition of “property” is broad and includes not just cash but also credits, gift cards, loyalty points with monetary value, insurance proceeds, payroll deposits unclaimed by employees, and security deposits held on customer behalf.
This breadth means a fintech company may not realize it is even holding unclaimed property until an audit notification arrives. For example, a fintech platform that processes refunds may issue a credit to a customer account instead of returning money to the original payment method. If that credit is never used or claimed, it becomes unclaimed property that must be reported to the state. Similarly, a digital wallet company may hold small change balances that users abandon or forget about; once dormant, those balances must be escheated.
How Dormancy Periods and State Laws Create Compliance Complexity
State unclaimed property laws do not speak with one voice. Each state defines dormancy periods, reporting triggers, and exemptions differently. Most states use a three-year dormancy period, but California uses four years for many property types, Texas has a four-year period for certain accounts, and some states have no dormancy period for specific classes of property. A fintech company operating nationally must track dormancy dates state-by-state, apply the shortest applicable period to each piece of property, and file reports and remit funds to the correct state—typically the state where the customer last known address is located, not where the company is incorporated. Reporting deadlines also vary.
Many states require unclaimed property holders to file annual reports by November 1st, while others require reports in spring or at different intervals. Failure to file timely reports can trigger penalties ranging from fifty dollars to several thousand dollars per state, plus interest on the unpaid funds. A significant limitation is that most states also allow a “period of repose”—a deadline after which a company cannot recover funds it has already remitted to the state. If a fintech company files a report late but the state repose period has closed, the company may have lost its ability to recover that money even if customers later claim it. This creates a timing trap where late reporting can be more costly than overpaying the state.
The Escheatment Process: What Happens to the Money
Once property is deemed unclaimed and dormant according to state law, the fintech company has an affirmative duty to remit it to the state treasurer. This process is called escheatment. The company must file a report listing the unclaimed property (typically including customer name, last known address, and the amount of the property), certify the accuracy of the report, and remit payment to the state. The state then holds the money in perpetuity for customers to claim, though most states eventually use a portion of unclaimed property funds to support general revenue.
From the fintech company’s perspective, escheatment creates several operational headaches. The company must build systems to track dormancy, flag accounts as they approach the dormancy threshold, attempt to contact the customer, determine the correct state of dormancy, generate compliant reports, and process the remittance. One digital wallet company spent eighteen months rebuilding its account dormancy system after realizing its original system couldn’t reliably calculate when accounts had last been active. During that period, the company fell behind on reporting and accumulated a backlog of unclaimed property files waiting for state filing. By the time the improved system was operational, the company owed penalties for late filing in six states and had to amend prior reports.
Building and Maintaining a Robust Compliance Program
A fintech company serious about unclaimed property compliance needs three components: clear policies defining what constitutes dormancy and which accounts trigger reporting obligations, reliable systems that track account activity and dormancy dates, and a documented process for annual reporting and remittance. The policy component requires understanding which state’s dormancy law applies to each customer and each type of property the company holds. This is not trivial if the company serves customers across multiple states or uses a nexus other than customer location to determine applicability. The system component is where most fintech companies struggle. Many operate with customer databases and payment systems designed for operational purposes, not compliance reporting.
Retrofitting these systems to extract dormancy data, apply state-specific rules, and generate audit-ready reports is expensive. Some companies build custom solutions; others use third-party unclaimed property service providers that specialize in compliance reporting. The tradeoff is between internal control and cost. Building in-house saves ongoing service fees but requires ongoing engineering investment to maintain accuracy and update rules when states change their definitions. Outsourcing to a service provider transfers some operational burden but introduces dependency on a vendor and typically costs tens of thousands of dollars annually for large fintech firms.
Common Compliance Failures and Audit Triggers
State auditors prioritize fintech and payment companies because these firms hold large volumes of customer funds and historically have been underreporting unclaimed property. Common failures include failing to report at all, underreporting (reporting only a subset of unclaimed accounts), misidentifying the applicable state of dormancy, calculating dormancy periods incorrectly, and failing to maintain audit documentation showing how dormancy was calculated. A significant warning is that audits often cover multiple years of back liability. If a state audit discovers that a company failed to report unclaimed property for the past five years, the company may be liable not just for the principal amount of unclaimed property but also for interest (often calculated at the state statutory rate, ranging from five to twelve percent annually) and penalties that can double or triple the original obligation.
Another common pitfall is conflating unclaimed property with other regulatory obligations like anti-money laundering or escheatment of dormant accounts held at banks. These are related but distinct obligations. A fintech company may believe it has complied with its state licensing requirements to close dormant accounts without realizing that closing an account and remitting the balance to the state as unclaimed property are two different legal processes. Some companies close dormant accounts without properly reporting them as unclaimed property, exposing themselves to audit liability and customer complaints when customers later attempt to reclaim their funds and find the company cannot locate the historical records.
Documentation and Record-Keeping Requirements
States typically require unclaimed property reports to be certified under penalty of perjury and supported by documentation showing how the company calculated dormancy and arrived at its reported figures. This documentation requirement is not merely bureaucratic; it is a substantive liability risk. If a company cannot produce system logs, calculation spreadsheets, or account reconciliation records showing that its dormancy calculations were correct, a state auditor is likely to assess additional liability or reject claims that certain property was not unclaimed. A fintech platform was unable to produce dormancy records for payments held in escrow because it had not implemented logging when it rebuilt its payment system.
During audit, the state assumed all escrowed funds that had not moved in over three years were unclaimed and assessed a significant liability that the company could not defend with documentation. Retention of records is also a compliance requirement. Most states expect companies to keep documentation related to unclaimed property reporting for a minimum of three to five years. For fintech companies with large transaction volumes, this can mean storing terabytes of transaction logs and account histories. The practical challenge is that long-term record retention systems are often separated from operational systems, and coordinating between them to retrieve audit evidence requires planning.
Working with State Treasurers and Handling Customer Claims
Most state treasurers maintain searchable databases of unclaimed property holders and their reported funds. A fintech company that has properly reported unclaimed property will appear in these databases under its registered name. Customers can then search and file claims to recover their unclaimed property. This is a benefit of proper compliance: customers have a legally sanctioned way to recover their money, and the fintech company is released from liability once the state treasurer accepts the remittance.
However, companies should prepare for ongoing customer inquiries about unclaimed property even after reporting, because not all customers will find their claims in state systems immediately or successfully. One practical detail is that some states now offer voluntary disclosure programs where companies can report previously unreported unclaimed property without triggering the full penalty structure. These programs are time-limited and typically require payment of the principal plus interest but without the full audit penalties. A fintech company that realizes it has been underreporting should investigate whether its state offers a voluntary disclosure option before an audit notice arrives, as this can substantially reduce the financial exposure.
Frequently Asked Questions
What is the difference between unclaimed property and dormant accounts?
Unclaimed property is the legal category of funds that must be reported and remitted to the state after a dormancy period. A dormant account is simply an account with no activity; not all dormant accounts trigger unclaimed property obligations, depending on the property type and state law.
How long should a fintech company keep unclaimed property documentation?
Most states require three to five years of retention. Fintech companies should consult their state’s specific rules and maintain records for at least five years as a conservative practice, particularly for accounts that may still be subject to customer claims.
Can a fintech company recover funds it has already remitted to the state as unclaimed property?
Yes, but only before the state’s repose period closes—typically five to seven years after remittance. After the repose period, the state retains the funds and the company cannot recover them even if a customer claims the property later.
What states have the strictest unclaimed property laws for fintech companies?
California, New York, and Texas have particularly active state treasurers and frequent audit programs targeting fintech companies. These states also have large customer populations and therefore significant unclaimed property volumes.
Should a fintech company attempt to contact customers before reporting their accounts as unclaimed?
Most states require or strongly encourage outreach to customers before reporting. This is often called a “dormancy letter” or “last contact” requirement. Documented outreach attempts provide evidence of good faith and can reduce audit exposure.
What is the cost of outsourcing unclaimed property compliance to a service provider?
Costs typically range from $25,000 to $100,000 annually for mid-sized fintech companies, depending on transaction volume and complexity. Some providers charge a percentage of remitted funds, which can be advantageous if unclaimed property volumes are small.