Banking-as-a-service (Baas) and bank-fintech partnerships are all the rage lately as organizations work to diversify their product offerings and make financial products more accessible to consumers.
While these partnerships offer great opportunities and benefits, they don’t come without regulatory compliance challenges and concerns. Prioritizing compliance should be top of mind for banks, fintechs, and BaaS providers alike to mitigate risk and gain a competitive advantage in the marketplace.
Table of Contents
- Growth of Banking-as-a-Service (BaaS)
- Regulatory Oversight of BaaS and Bank-Fintech Partnerships
- Increased Regulatory Scrutiny of BaaS and Bank-Fintech Partnerships
- Managing Compliance Risk for BaaS and Bank-Fintech Partnerships
Growth of Banking-as-a-Service (BaaS)
What is “Banking-as-a-Service”? FinTech Business Weekly says:
At the highest level, [BaaS] describes product structures that have long existed: non-bank companies leveraging banks’ unique capabilities – usually, their license and all that goes with it – as a key part of their business model.
Banks and fintechs are partnering more than ever to offer a wide range of consumer finance products and services, and these types of partnerships are expected to only grow from here. According to Finastra,
- The BaaS industry is expected to reach $7 trillion in market value by 2030
- 85% of senior executives said that they already implemented BaaS solutions or plan to within the next 12-18 months
- 70% want to increase spending on financial partnerships (including Baas)
Regulatory Oversight of BaaS and Bank-Fintech Partnerships
Federal Deposit Insurance Corporation (FDIC)
The FDIC is the primary regulator for state-chartered banks and conducts regular examinations of these entities every 12-18 months-which include an assessment of how a bank manages the risks presented by its relationships with third parties (aka fintechs).
Office of the Comptroller of Currency (OCC)
The OCC charters, regulates, and supervises all national banks-including those that partner with fintech companies.
In August of 2021, the FDIC, OCC, and Federal Reserve released joint guidance for bank-fintech partnerships to provide insights on key due diligence topics that should be considered when choosing a partner.
Consumer Financial Protection Bureau (CFPB)
Fintechs have just recently come under the microscope of the CFPB when they invoked a dormant authority to supervise nonbank entities-aka fintechs-that pose risks to consumers (more on this below).
In addition to federal regulators, banks and fintechs are subject to oversight by the states in which they’re operating.
Increased Regulatory Scrutiny of BaaS and Bank-Fintech Partnerships
CFPB Invokes Dormant Authority to Regulate FinTechs
In April of 2022, the CFPB invoked a largely unused legal provision to examine nonbank financial companies (fintechs) that pose risks to consumers in an effort to protect consumers and to “level the playing field” between banks and nonbanks.
This authority gives us critical agility to move as quickly as the market, allowing us to conduct examinations of financial companies posing risks to consumers and stop harm before it spreads.
– CFPB Director Rohit Chopra
OCC Developing a More Sophisticated Understanding of Bank-Fintech Partnerships
In his recent remarks at The Clearing House and Bank Policy Institute Annual Conference, Acting Comptroller of Currency Michael J. Hsu outlined the Office’s priorities for BaaS and bank-fintech partnerships moving forward:
The growth of the fintech industry, of banking-as-a-service (BaaS), and of big tech forays into payments and lending is changing banking, and its risk profile, in profound ways.
Banks and tech firms, in an effort to provide a “seamless” customer experience, are teaming up in ways that make it more difficult for customers, regulators, and the industry to distinguish between where the bank stops and where the tech firm starts.
The evolution of bank-fintech arrangements in the era of digitalization is giving rise to new opportunities for surprises. Fortunately, this risk can be mitigated. At the OCC, we are currently working on a process to subdivide bank-fintech arrangements into cohorts with similar safety and soundness risk profiles and attributes. This will enable a clearer focus on risks and risk management expectations.
Managing Compliance Risk for BaaS and Bank-Fintech Partnerships
Based on what we’ve been seeing, regulators are expecting both banks and their partners (fintechs and BaaS providers) to have oversight on how their products are being marketed to consumers.
To effectively manage compliance and risk in your partnerships, you need the ability to:
- Approve content across all of your partners (and their partners) at scale
- Have ongoing and comprehensive monitoring of marketing communications across all channels
- Gather proof that you can use to show regulators (and bank partners) your ability to discover, monitor, and act on any marketing materials that could potentially be harmful or deceptive to consumers
Benefits of Compliance Monitoring for Banks, Fintechs, and BaaS Providers
While regulatory responsibility traditionally falls on the bank, based on recent commentary from the CFPB and OCC as mentioned above, fintechs and BaaS providers will benefit from taking a proactive approach to compliance instead of a reactive one.
Whether you’re a bank, fintech, or BaaS provider, having a robust compliance monitoring system in place offers you a competitive advantage:
- Banks: As you continue to partner with more fintechs, you need comprehensive compliance controls in place to mitigate risks and avoid scrutiny from the regulators
- Fintechs: Use your compliance data to show potential partners that you’re taking a proactive approach to compliance and that you won’t pose a risk to their business
- BaaS Providers: Use compliance as a competitive advantage. Market yourself as an ideal partner by taking some of the compliance burdens off of your partners by having your own programs in place
Compliance Monitoring with PerformLine
With PerformLine, you can gain full visibility into your partners’ marketing materials (and their partners’ marketing) across the web, social media, and emails. PerformLine’s omni-channel compliance solutions offer comprehensive coverage of your brand products everywhere they appear-even if you don’t know about them-to ensure that they’re being marketed accurately and in compliance with applicable regulations.
With PerformLine, your organization can:
- Discover your partners’ partners who mention your brand in their marketing materials
- Act on and remediate any potential compliance violations quickly and have a central repository of those remediations
- Risk run your partners to identify your most (and least) compliant partners to help make strategic decisions