Intensified Scrutiny on Banking-as-a-Service Financial Institutions
In a recent development, Cross River Bank, a significant player in the banking-as-a-service (BaaS) sector, has found itself under scrutiny from the Federal Deposit Insurance Corporation (FDIC). The bank, which provides technology infrastructure for various payments, fintech, and crypto firms, is accused of engaging in "unsafe and unsound" practices related to fair lending laws and regulations.
The $9 billion-asset bank's predicament comes amidst increased scrutiny of BaaS firms by regulators, following the banking crisis this spring that saw the collapse of three regional lenders with ties to the fintech sector. Konrad Alt, a partner at Klaros Group, has noticed this trend, stating that regulators are attempting to recalibrate their supervision of banks operating BaaS programs.
Cross River's CEO, Gilles Gade, expects this heightened oversight to continue in light of recent volatility in the banking sector. The FDIC order places no limitations on Cross River's existing fintech partnerships or the credit products it currently offers in partnership with them. However, the bank is not allowed to enter into new partnerships with third parties or offer new credit products without the FDIC's approval.
This increased scrutiny is not unique to Cross River. Last year, Blue Ridge Bank was ordered by the Office of the Comptroller of the Currency to improve its oversight of third-party fintech partnerships. As part of the wind down, Blue Ridge is helping fintech partners migrate to other firms as contracts expire.
The decision by neobanks like Cross River's largest client, Mercury, to transition to a direct relationship with their partner bank has reportedly come at a significant cost to middleware providers like Synapse. Synapse initiated layoffs after Mercury decided to work with Evolve Bank & Trust directly, resulting in the loss of 86 employees, which represents 40% of Synapse's workforce.
Fintechs often opt for a direct partnership with their BaaS bank once they reach a certain level of maturity, according to Konrad Alt. More robust, larger, and mature fintechs are generally better off minimizing the number of players in their banking relationship, as it allows for a direct dialogue with the bank. Unlike Blue Ridge, Cross River hasn't announced any plans to pare its BaaS program.
Enforcement actions against BaaS firms providing underlying banking services for fintechs are expected to be forthcoming. Banks offering BaaS programs in 2025 will likely be various licensed banks integrated via APIs, with top BaaS providers forming an ecosystem to deliver financial products such as accounts, cards, and payments. These banks and providers will operate under strict regulatory oversight to ensure compliance with financial and data regulations in Germany and the EU.
As the BaaS landscape continues to evolve, it is clear that regulators are taking a closer look at these firms to ensure they are operating in a safe and sound manner. This increased scrutiny is likely to continue as the industry matures and becomes more integrated into the traditional banking sector.
