2024 has been a challenging year for banking-as-a-service (BaaS). The collapse of Synapse served as a prime example of what can happen when banks do not adequately assess the risk they take on from outside fintech partners. Millions of consumers were left without access to hundreds of millions of their own dollars, and, naturally, regulators turned their attention to BaaS.
Post-Synapse, where does BaaS stand? And how can banks keep innovating and partnering without getting burned?
The Collision of Banking and Fintech
The recent surge in regulatory scrutiny of BaaS models reflects a broader trend where fintech partnerships and innovative service delivery methods are testing traditional banking frameworks. The regulatory actions against BaaS banks underscore a critical juncture where traditional banking meets fintech innovation. While these actions aim to safeguard against potential risks, they also signal the industry's need for more robust, transparent, and compliant operational frameworks in BaaS. This could lead to a more mature BaaS market where innovation coexists with stringent regulatory compliance, potentially setting new standards for banking operations globally.
Meanwhile, banks not engaged in BaaS will continue to rely on traditional wholesale funding sources like FHLB advances, brokered or internet deposits, reverse repos, and purchased fed funds. The landscape of banking has shifted with fintech innovations, mobile banking, and internet services, leading to a notable decrease in the stability of traditional core deposits. Consequently, both wholesale funding and retail deposit liquidity risks have increased, necessitating vigilant management.
BaaS Overshadows Other Banking Concerns
Despite the prevalence of interest rate and liquidity risk at many banks and the emerging risk of CRE concentrations, there have not been many public regulatory actions on these fronts. Instead, the hottest topic appears to be banking-as-a-service. Regulators have issued consent orders or other actions to at least 13 banks in the last 10 months related to their BaaS businesses. This is especially remarkable considering that industry analysts estimate there are only about 50 BaaS banks in total.
When brokered deposits first appeared several decades ago, banking regulators expressed concerns about banks becoming overly dependent on "hot money," which could expose them to liquidity risks. Similar concerns are directed towards BaaS models today. Regulators have tried to apply brokered deposit regulations to BaaS despite the significant differences between thesemodels and traditional brokerage arrangements. This approach seems ill-suited.
Addressing a Risky Mentality
The primary challenge for BaaS banks partnering with fintech companies lies in reconciling the tech sector's "move fast and break things" ethos with banking's critical need for safety and soundness. In hindsight, it's clear that managing these partnerships would be complex. Recent regulatory actions, including consent orders, have pushed banks to take greater responsibility for these partnerships, enhancing compliance and risk management protocols.
BaaS introduces complexities in risk management, particularly in areas like compliance, customer data protection, and operational resilience. The regulatory actions highlight concerns over banks' capabilities to manage these risks effectively, especially when fintech partnerships involve services like payment processing, lending, or deposit-taking that directly impact consumer protection and financial stability.
Banks engaged in BaaS need to reassess their operational models, focusing on enhancing their third-party risk management and compliance frameworks and ensuring that their fintech partnerships do not expose them to unforeseen risks. This might involve adopting more sophisticated technology for real-time monitoring or investing in compliance expertise.
Given small and mid-sized banks' competitive disadvantage in delivering mobile financial services compared to larger institutions, fintech partnerships are likely to persist. Integrating the rigorous processes and controls necessary for handling public funds into these fast-paced tech environments is challenging. Cases where customer deposits have gone missing, like those with Synapse, underscore this necessity.
This presentation is being furnished on a confidential basis to provide preliminary summary information. The information, tools and material (collectively, information) contained herein is not directed to or intended for distribution or use by any person or entity who is a citizen or resident of or located in any jurisdiction where such distribution, publication, availability or use would be contrary to law or regulation or which would subject Endurance Advisory Partners, LLC, to any registration or licensing requirement within such jurisdiction.
The information presented herein is provided for informational purposes only and is not to be used or considered as an offer to sell, or buy securities or other financial instruments, or any advice or recommendation with respect to such securities or other financial instruments. The information may not be reproduced in whole or in part or otherwise made available without the prior written consent of Endurance Advisory Partners, LLC. Information and opinions presented have been obtained or derived from sources believed to be reliable, but Endurance Advisory Partners, LLC makes no representation as to their accuracy or completeness. Endurance Advisory Partners, LLC, accepts no liability for any loss arising from the use of the information contained herein.
This information is subject to periodic update and revision. Materials should only be considered current as of the date of the initial publication, without regard to the date on which you may access the information. Endurance Advisory Partners, LLC, maintains the right to delete or modify the information without prior notice.
Under no circumstances and under no theory of law, tort, contract, strict liability or otherwise, shall Endurance Advisory Partners, LLC be liable to anyone for any damages resulting from access or use of, or inability to access or use, this information regardless of whether they are dire, indirect, special, incidental, or consequential damages of any character, including damages for trading losses or lost profits, or for any claim or demand by any third party, even if Endurance Advisory Partners, LLC knew or had reason to know of the possibility of such damages, claim or demand.