Community
Banking as a Service (BaaS) has changed the way banking products are built and offered. Consumers want to be able to access financial products when and where they need them, and BaaS platforms enable companies to embed these products in their own apps and ecosystems without the complexity and cost of obtaining a banking licence.
Baas providers are the sleek API layer between traditional banks and most fintechs. They help fintechs speed up their time to market, provide crucial banking functionality, and can even help streamline compliance processes. We can see BaaS in action with electronic money institutions (EMIs) like Revolut, who depend on Modulr for account opening & payment APIs and Wagestream, who depend on Railsr for embedded payments.
But while BaaS players have enabled a lot of innovation in the fintech space, they are still middleware providers. They rely on traditional banks, and have built their shiny new APIs and UIs on legacy banking infrastructure which leads to underlying tech and risk issues persistently.
Shortcomings in the current middleware BaaS model
The tech infrastructure problem. Legacy banking systems are inherently inflexible and struggle to cope with the requirements of the modern banking services. Integrating new technologies like AI, machine learning, or blockchain into these systems is often problematic, if not impossible – as these technologies require flexible platforms that can handle large-scale data processing and complex algorithms. This is costing fintechs, with one in five estimating $11m a year in losses due to product delays and 33% saying they have lost customers as a result of service outages. Old systems mean high maintenance and integration costs, with security measures for these systems also tending to be more expensive. That’s not all. These systems are often synchronous in nature, which is not optimal for the real-time demands of event-driven architecture (EDA), resulting in bottlenecks when handling a high volume of events. Given the age of the infrastructure components, original subject matter expert (SME) knowledge gets lost over time, thereby creating key person risk.
The risk problem. The fintechs that BaaS providers work with rarely have a consistent approach to customer onboarding, managing financial crime risk, implementing controls, or carrying out audits and reporting. This makes it very difficult to get visibility on the end users of the banking product. Ongoing risk assessment is usually a heavily manual process, consisting of spot checks and cumbersome yearly reviews that take up a lot of time and resources without producing useful or detailed insights. The bank supplying the underlying banking services to the BaaS provider inherits the risk of BaaS customers, which is exacerbated by this lack of visibility. And because of the limited risk appetite at banks, they often look for the most expedient way to offload this risk, usually by “debanking” (i.e. terminating their relationship with) the BaaS provider. Without a bank in the background, the BaaS provider can no longer provide critical infrastructure to the fintechs it serves, which may result in losing customers and harming end users of their products.
The BaaS model is evolving
In an ideal world, BaaS should be done by banks. But before that can happen, banks have to fix two things - technology and risk management.
Banks need to focus on completely overhauling their core infrastructure to support speed, scalability, and easy integration (as opposed to endlessly patching and tweaking increasingly creaky and overwhelmed systems). Most banks haven’t done this because such overhauls are long, complex, expensive projects that typically outlast the tenure of the motivated sponsor who wants to drive this change.
But if banks could see their way to rebuilding their core infrastructure from the ground up, the benefits to the fintech ecosystem would be significant. Fintechs would no longer need to piece together infrastructure from a dozen different middleware BaaS providers, with all the costs and complex integrations that it entails. Instead, banks could be the one-stop shop for embedded bank accounts, payments, cards, and more. The bank could also function as a single source of truth for every customer, and transaction passing through the fintech’s system, since all the data is recorded in the bank’s own ledger, instead of being distributed across multiple platforms.
All this translates to reduced cost, improved speed to market, accelerated growth, and sustainable success for young fintechs in a highly competitive financial landscape.
Solving the risk problem is much more complex - mainly because most banks are used to doing risk and compliance manually and have been slow to adopt automated technologies. To reduce the risk inherent in working with fintechs, banks need to establish a line of sight to the end users of their products - their customers’ customers. One way to do this is to own the onboarding process for end users (i.e. the fintech’s customers) and run customer due diligence and transaction screening checks on the whole book on an ongoing basis. This would greatly reduce the need for annual reviews and spot checks of the fintechs financial crime prevention controls - but is only practical at scale if these processes are fully automated.
These point to the obvious - there is a phenomenal opportunity for a radical shift in how BaaS is currently offered. It requires a collective pivot from the current practice of wallpapering over fundamentally outdated tech with surface-level “improvements”.
As I see it, it’s about not just adding new layers to outdated systems but creating something fundamentally new and efficient. The path to such a future won't be without challenges, but the payoff promises to be transformative.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Seth Perlman Global Head of Product at i2c Inc.
18 November
Dmytro Spilka Director and Founder at Solvid, Coinprompter
15 November
Kyrylo Reitor Chief Marketing Officer at International Fintech Business
Francesco Fulcoli Chief Compliance and Risk Officer at Flagstone
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.