The following is a guest post by Joshua Diamond and Poorani Jeyasekar, Klaros Group.
The explosive growth of the fintech sector over the past 15 years led to the rise of a new business model in banking, now referred to as “banking-as-a-service” (BaaS).
BaaS promised banks a way to capitalize on the growth of fintech and develop new revenue streams. But a sharp correction in the fintech sector and an equally sharp increase in regulatory scrutiny of bank-fintech partnerships have put these arrangements under pressure and sent some fintechs scrambling.
Banks working with fintech partners need to double down on risk and compliance quickly – starting with a comprehensive risk assessment, and the time to start is now.
Separately, if not already doing so, banks should start frequently communicating with their regulators, on no less than a quarterly basis, around their current and future BaaS strategy and managing their partner risks.
The birth of BaaS
In the last decade, fintech companies have multiplied and prospered, fueled by abundant capital and technology infrastructure that made it easier to build new financial products. But to offer financial products to their customers, fintechs need access to the authorities and infrastructure that banks provide.
Banks like WebBank, Celtic, and Cross River seized the opportunity to provide infrastructure for fintechs and became go-to origination partners for marketplace lenders such as LendingClub, Kabbage, and SoFi.
Meanwhile, Bancorp, Sutton Bank, and several other community banks accelerated the proliferation of fintech checking accounts with debit cards.
In a period of low interest rates, these banks could improve their financial performance by generating fee income.
From 2018-2020, partner banks generated an average ROA of 1.7% and ROE of 19.4%, compared to industry averages of 1.1% and 9.4%.
Over time, the partner banks’ financial performance attracted others to get into the game, and by 2021, 85% of banks were at least considering launching a BaaS offering.
More pain ahead
However, the macroeconomic and financial market tides rapidly shift against venture-funded fintechs.
More pain will come, especially in private markets, and many fintechs will fail or be acquired. This has created a challenging environment for fintechs and their partner banks.
At the same time, regulators have sharply increased their focus on bank-fintech partnerships. In July 2021, the banking regulators proposed Interagency Guidance on third-party risk management. Then in September 2021, the Federal Reserve published a guide for community banks on forging effective partnerships with fintechs, describing opportunities for banks but also noting that such partnerships “can result in heightened third-party risks.”
The CFPB has also upped the ante, voicing concern about what it refers to as “rent-a-bank” schemes.
The regulators now appear to prioritize these third-party relationships in examinations and have not always been satisfied with what they’ve found.
Most regulatory interactions are confidential, so it’s difficult to confirm details. Still, industry reports and our contacts suggest that in several cases, partner banks did not effectively scale their risk and compliance programs to oversee their growing stable of fintech partners, nor did they maintain strong enough communication lines with their regulators around their fintech partner strategies and growth.
Partner banks that moved into these partnerships hastily now realize the operational and regulatory impacts of that haste.
Banks, fintechs, and, more importantly, their customers have much to gain from successful partnerships. But regulators have made it clear that banks are to treat the activities of their fintech partners as their own.
Banks partnering with fintechs need to ensure that they and their partners have the people, processes, and systems to ensure risks are well-managed and consumer protections are followed.