Skip to main content


BaaS + Partner Banks: Compliance as a Competitive Advantage

January 10, 2023
BaaS + Partner Banks: Compliance as a Competitive Advantage

As Banking-as-a-Service (BaaS) platforms and the partner bank industry continue to grow, regulatory action seems to be imminent. How can players in this space become more proactive in their approach to compliance, and even use it as a competitive advantage to ensure they keep their current hold of the market?

We were joined by industry leaders Tanner Mayo, President of FedFis, and Amanda Swoverland, Chief Compliance Officer at Unit and discussed the current state of the industry, their predictions for regulatory oversight, and their best tips for being proactive when it comes to compliance. 

The impressive growth of bank-fintech partnerships and BaaS

According to Tanner, there has been a 43% year-over-year growth in the number of Baas banks, which is remarkable in a highly regulated industry. And, according to the Office of the Comptroller of the Currency (OCC) Chairman, bank-fintech partnerships are here to stay

This explosive growth of bank-fintech partnerships and the BaaS industry can be attributed to the trust that technology companies have built with their existing customer bases and their ability to offer highly-customized products and services.

Amanda Swoverland, Chief Compliance Officer at Unit, notes that these partnerships benefit everyone involved. The fintech companies get to deepen their relationships with their customers by offering customized products and services that benefit them. The end customers benefit from highly-customized banking products that fit their needs, and the banks benefit from reaching a customer segment that they would not have access to without the partnership.

Amanda also noted that the financial industry is ready for change, as evidenced by Unit’s recent market survey which showed that people are open to getting their banking products and services from sources other than traditional banks.

Increased consumer trust through fintech partnerships

Consumer trust is important to fintechs—they’re invested in building and maintaining that trust through positive customer experiences. 

Because traditional banks are heavily involved with their fintech partners to ensure that they understand and comply with the rules and regulations that govern their products, Amanda argues that these bank-fintech partnerships help foster consumer trust through consumer protection and compliance.

Tanner then noted that the definition of fintech is starting to change to encompass companies that are not exclusively dedicated to financial services direct to consumers, but rather view it as a way to engage their customers.

Target is a good example of a brand that has a loyal following. If financial services were integrated with Target—it could be a powerful rewards tool to engage communities digitally. Similar to Starbucks’ strategy of placing stores inside Targets. It’s pretty cool.

– Tanner Mayo

By building such personalized experiences for consumers, fintechs are embedding trust directly into those experiences, which Amanda described as “embedded banking.” By integrating banking services into existing products or services that consumers already love and are loyal to, it becomes much more “sticky.”

Who’s responsible for regulatory compliance and consumer protection?

Along with all the innovation around bank-fintech partnerships also comes new challenges around regulatory compliance and consumer protection. The one question that everyone’s been asking is—which party is responsible for regulatory compliance and consumer protection?

Legally, the regulatory responsibility and liability ultimately lie with the bank. But socially, says Tanner, everyone involved in the ecosystem plays a role in ensuring consumer safety. 

Amanda agreed, saying that the responsibility for compliance and consumer protection lies with “all of us”—that’s why companies like Unit are so committed to information sharing and promoting best practices across the industry.

I think that everybody in the ecosystem has to be responsible and Tanner outlined exactly where responsibilities lie. We [Unit] are very much a  company that likes to information share about best practices with others and talk about how we think about things. We publish a lot of our guides and our requirements in a very open-source way because we truly believe that we should all collectively make the ecosystem safer, share best practices, and do things that are going to promote that responsibility across the ecosystem.

– Amanda Swoverland

The regulatory landscape is evolving quickly to keep up with the changing world of fintech. While there may be new regulations coming down the line, much of what’s happening in the industry has been going on for decades, in one form or another—think branded affinity cards for airlines and hotels, for example.

Amanda noted that many of the regulations and guidance around third-party risk management practices are already in place, including the Bank Service Company Act and those from federal regulators like the Federal Deposit Insurance Corporation (FDIC) and the Office of the Comptroller of the Currency (OCC).

The industry will need to work together to ensure compliance with these regulations and continue to push for better standards and practices to protect consumers.

Keeping up with regulatory inconsistencies 

The regulatory climate can feel inconsistent at times. The OCC is taking a more aggressive approach compared to the Federal Reserve. The CFPB is still working through its involvement in the space. Meanwhile, some states are taking their own approaches.

The lines between fintech, vendor, and infrastructure are blurring, posing a difficulty for regulators, says Tanner. But, industry participants are working to learn and improve their practices for the sake of the consumer.

We have a lot of customers in that space where we provide data, and with that comes training and education. So I get to sit in on those calls and hear those conversations. And I can tell you, it’s definitely something where they have an appetite to learn and improve, which is a darn good thing. Everybody’s being honest and good in the performance of safety and soundness, which feels good for the future.

– Tanner Mayo

Regulators haven’t had a knee-jerk reaction, which is an overall positive for the industry. They’re taking the time to truly understand the space and its risks before taking formal action. 

While there are challenges in navigating the evolving regulatory environment, the industry is heading in the right direction with a focus on safety and soundness. As the industry continues to evolve, fintech companies need to be vigilant in educating themselves and self-governing.

I believe we are seeing relative consistency across the individuals we interact with and where things are going. We’re focused on the right angles, such as safety and soundness. We want to take a prudent approach to understand what’s happening and learn about the ecosystem. Overall, I think we’re heading in the right direction.

– Amanda Swoverland

Regulatory guidance will be a positive for the industry

Tanner and Amanda discussed the potential impact of increasing regulation on the banking industry.

Amanda drew on her experience with the prepaid market, which underwent a similar process of regulation and development, to suggest that the industry will mature and the roadmap for compliance will become clearer. 

We look at the guidance that we already have in front of us and we follow that, and we welcome more clarity. If more clarity comes, then we know exactly what we need to do and we build the roadmap and infrastructure to be able to do that. I think we all should kind of know what’s coming because it’s happened before. This isn’t new or shocking to us.

– Amanda Swoverland 

They both agreed that more clarity around regulations would be beneficial and that the industry will adapt to changes as they arise. 

Using compliance as a competitive advantage

Compliance is often viewed as bureaucracy and something that slows down processes, but done right, compliance can act as a competitive advantage for banks, fintechs, and BaaS companies. The right type of compliance can actually allow a company to move faster, be more flexible, and build additional products and services. 

Amanda notes that compliance professionals want to partner with business lines to find the path to “yes” rather than simply being the department of “no.” She suggests that compliance is about risk management and building controls to identify and manage those risks. 

While there may be cases where saying “no” is necessary due to high risks, taking a collaborative approach and inviting compliance to the table can help companies build compliance into their products in a seamless way. 

Compliance as a service

There’s an opportunity for banks to turn compliance into a service that can be monetized through “compliance as a service,” explained Tanner.

Banks are already running the processes required for compliance, such as mobile deposit and item processing. Banks can use this to their advantage and offer a compliance service to their fintech partners who may not have the same level of expertise and resources, which opens up a new business line and revenue stream.

While compliance as a service can be beneficial for banks, Paul notes that an automated and scalable solution (like PerformLine) is a critical tool to manage compliance programs for so many fintech partners.

Amanda added an emphasis on the importance of sharing information and best practices for banks to succeed in compliance as a service. Collectively, the industry has done a good job of sharing information and best practices, and if they continue to do so, positive things will happen.

The future of bank-fintech partnerships and BaaS

Panelists were overall optimistic about the future of the industry. Over the next six to twelve months, banks should focus on self-monitoring for compliance, privacy and data security, and identifying and reporting bad actors throughout the industry.

Self-monitoring and guidelines for compliance

Organizations need to take responsibility for monitoring their own behavior and complying with applicable laws and regulations, which includes establishing internal guidelines and controls that help identify and mitigate compliance risks. By taking a proactive approach to compliance, banks can avoid enforcement actions and reputational damage while building trust with consumers and regulators.

Privacy and data security

Banks should maintain high standards of privacy and data security to protect sensitive consumer information by implementing robust security protocols, training employees on best practices, and complying with applicable data protection laws and regulations.

Reporting bad actors throughout the industry

Reporting bad actors is essential for maintaining the integrity of the industry. By identifying and reporting suspicious activities, banks demonstrate their commitment to integrity and accountability, which can help to build and maintain trust with customers, partners, and other stakeholders.

Using PerformLine for compliance monitoring

I’d like to give a quick shoutout to PerformLine. I noticed the word “monitor” in your backdrop and I’ve said that word about five times now. I’m a big fan of the idea of monitoring everything that’s happening in this expanding industry. Amanda made some great points earlier about the maturation process of any industry and how expanding our footprint is a part of that. Of course, there will be bumps along the way, so companies like PerformLine that solve these problems are essential to moving forward quickly.

Tanner Mayo

PerformLine makes marketing compliance review automated, scalable, and efficient for banks, fintechs, and BaaS organizations. 

Ready to get started? Schedule a demo here

Stay Updated

Join thousands of other industry professionals

Subscribe to receive the latest regulatory news and updates with a focus on marketing compliance via content offers, newsletters, blog posts, and more
This field is for validation purposes and should be left unchanged.

Connect with PerformLine and see what we can do for you.