5 Predictions for the Future of Banking as a Service

If you keep up with the banking industry, then you’ve certainly heard about the significant events in the past several months bringing a lot of attention to fintech, specifically Banking as a Service (BaaS). Headlines have been dominated by news of financial woes, compliance failings, and even a major data breach–All with cascading effects on banks, fintech companies, and their customers. For me, these incidents serve as a wake-up call, highlighting the need for a different approach to how banks are handling BaaS relationships, specifically the risks that go along with them.

Banking as a Service (BaaS) refers to the model where banks provide core banking services and infrastructure to non-bank businesses, such as fintech companies. This allows fintechs to offer financial products and services without needing to become fully licensed banks themselves. For community banks, this can be a game-changer, providing opportunities to innovate, increase revenue, and enhance customer offerings without the massive investment in new technologies. By leveraging BaaS, community banks can partner with fintechs to stay competitive in an increasingly digital financial landscape.

But the aforementioned news would suggest that the BaaS landscape is due for some significant changes. As we look ahead, there are several key areas where I predict we’ll see shifts in how community banks approach their BaaS relationships. From increased due diligence to a more proactive role in risk management, here are my top five predictions for the future of Banking as a Service.

1. Greater scrutiny of the banks by fintechs. Yes, you're reading that correctly. Up to this point, I think it was safe to say that fintech companies just assumed that banks were secure in their practices. We haven't even begun to see all the fallout from the massive breach of one of the banks heavily involved in Banking as a Service, but there's no doubt that it has had a negative impact on the service and customers of several well-known fintechs. I'm predicting that in the future fintechs will be asking the banks in a BaaS relationship for their due diligence. And now that we’ve seen firsthand the impact of a BaaS bank data breach, I would guess that the questionnaires and request lists could be lengthy.
   
   
2. Deeper, more frequent due diligence of the fintechs by banks. Fintechs are not your normal technology provider in the banking space. Many of them are private-equity-backed, entrepreneurial, risk-taking disruptors who want to change the world (mostly for the good). They want to “move fast and break things”. Profit is something they worry about in the future, not today. So that means that fintech relationships carry more risk than traditional banking technology providers. What happens if they go bankrupt? Where will they store the data? When was their last penetration test? What controls are described in their SOC2? In the future, BaaS banks will not only ask for the information, but they will also review and assess it with greater scrutiny.
   
   
3. Greater oversight from regulators. No surprise here, right? This is barely a prediction, but it’s worth noting. I’m not going too deep on this one, but some things that come to mind: are cybersecurity controls keeping up with increased size and complexity of Baas banks, who is tracking KYC, BSA, and AML compliance, increased capital and liquidity requirements in light of added concentration risks with BaaS transactions, and consumer protection measures in fintech offerings. This added oversight will not only take direct compliance effort by the bank but also collaboration with the fintech.
   
   
4. Banks will embrace their value in the relationship beyond just providing the “transactional rails” to fintechs. Everyone seems to forget that a bank can bring value to a BaaS relationship with a fintech in their experience with risk management. Rather than just being along for the ride, BaaS banks of the future will take a more proactive role in guiding mutually beneficial risk management strategies. This will lead to more symbiotic partnerships, increased stability for consumers, and greater long-term success all around.
   
   
5. Only the serious banks will enter or remain in BaaS relationships. Please don’t take this the wrong way. I believe in the importance of community banking. I believe that innovation is exactly what some community banks need for success. And I believe that there are strategic partnerships to be found for some community banks in BaaS relationships. But, based on what we’ve seen in recent months, BaaS is not for every community bank. In fact, I predict that my first 4 predictions will mean that only the banks that are serious about BaaS as a strategic move, rather than just a revenue generator, will enter or remain in the BaaS arena. The BaaS banks of the future will be dedicated to devoting the resources in compliance, information security, technology, and operations to seek out and maintain these relationships.

In conclusion, BaaS relationships can be a game-changer for community banks, driving innovation and boosting customer services. But recent events remind us of the need for a smarter approach. By ramping up due diligence, actively managing risks, and adapting to tighter regulatory scrutiny, community banks can build stronger, more resilient partnerships with fintechs. Those who commit the necessary resources will be well-equipped to navigate the evolving BaaS landscape and achieve long-term success.