top of page

Subscribe to our Resources Mailing List

Thanks for submitting!

A Deep Dive into the Thorniest Issues of BaaS and of Banking Fintechs: Part Two

Updated: Jan 27

RiskScout CEO Justin Fischer recently explained why banking-as-a-service (BaaS) relationships are happening and what it takes for these arrangements to flourish. See Breaking down the Risk that spikes the potential Reward. Fintechs: A Q&A with CEO Justin Fischer

In the second part of this informative Q&A, Fischer focuses on what a sponsoring financial institutions (FIs) must do in terms of compliance to stay on the right side of the regulators. When it comes to compliance, he says, the buck stops with the FI. For financial institutions keen to become BaaS sponsors, he explains what’s necessary in terms of both software and staffing.

Q: When entering into a BaaS arrangement, what are the key compliance considerations?

A: The biggest thing to remember is that you are still responsible for the activity that happens in that account. Regardless of what contract you sign, and regardless of whether the Fintech says it’s going to check all customers or members and do all the right things, you are still responsible.

Remember that the Fintech does not sit at the table with you at examination time. It’s not good enough to just believe that the Fintech is executing the proper policy. Where’s your proof?

Here are a few key things to think about. First, make sure that the Fintechs are operating within your FI’s policy, whatever that policy is. And if they’re acting outside your policy, you’ve got to discuss that with your board and get approval.

Second, monitoring this is essential; look over their shoulder, test the adherence, and remediate issues. Make sure your collections and adherence actions are aligned with trust and risk management requirements.

For example, if a partner is processing transactions for someone in Russia right now, are they checking the identity of that person and the sanctions list? Ensure that you can answer these key questions for yourself and prove those answers to the examiners. That’s where tools like RiskScout can help you with automation and adherence. We track everything and we make sure that the proper processes are getting done.

Finally, you need to have an open conversation and collaboration with your Fintech about new features and markets. Fintech’s typically have faster go-to-market roll-outs than traditional FIs and might not think about the impact of a new feature or market in terms of a FI’s policy and regulatory requirements.

Q: How do regulators look at BaaS sponsorship arrangements?

A: We speak to and train with regulators from all the major branches of federal, state banking and credit unions. They are universal in stating they expect FIs to operate with oversight on the Fintech as if it was their own institution. Specific groups, like the OCC, are rolling out additional detail around these markets this year. We always believe its key to have an achievable and reasonable compliance program which includes tools to prove adherence.

Examiners aren’t necessarily looking at these types of businesses or relationships every day. They know what other FIs are doing and they know what some of the recent tax or fraud issues are, but they don’t see what you see. So they’re looking to find out: Are you being thoughtful? And are you achieving the things you’re trying to do to maintain BSA/AML requirements?

Q: If your community bank or credit union plans to enter the BaaS arena, what staffing changes are necessary? And how can software solutions help?

A: Ideally, you’ll have a dedicated account manager who works with the Fintech and keeps tabs on what’s going on. You’ll also want to have a dedicated compliance person who understands these types of relationships and who knows what to look for.

Unfortunately, most Fintechs don’t start out with highly trained and knowledgeable compliance employees. And many FI’s are short-staffed and couldn’t fathom 20x the volume they are dealing with today (which is typically the goal with Fintech growth). There should be a key conversation for roles, responsibilities and expected volume that the FI staff will need to take on. This is where tools can really offer efficiencies of scale and are cheaper and easier than acquiring personnel.

In the end it comes down to working on a plan that involves communication, collaboration and attention to detail between the Fintech, the FI’s business development team and the BSA/Compliance teams. It’s also important to have good partners who can help you advise, plan and executive these types of initiatives.