Regulatory scrutiny of the bank-fintech relationship intensified last spring after middleware provider Synapse collapsed, leaving thousands of online customers’ deposits in the lurch.

Last summer, federal banking agencies released an interagency statement providing guidance for banks working with third parties on deposit products, as well as a request for information related to the bank-fintech relationship. In September, the Federal Deposit Insurance Corporation (FDIC) proposed new recordkeeping rules for banks that take deposits from fintech customers.

Several consent orders against banks concerning their partnerships with fintechs followed. In the first half of 2024 alone, over a quarter of the FDIC’s enforcement actions were found to have targeted bank sponsors involved in embedded finance partnerships.

Though the bank-fintech honeymoon may be over, it’s less certain what will come next. Lumping all fintech providers together and placing additional burdens on the smaller lenders that disproportionately rely on their services isn’t the answer. Done wisely, fewer—and more effective—regulatory bodies and rules would make for a more innovation-friendly environment.

Though much remains to be seen, this year may offer something of a clean slate following the flurry of activity in 2024—presenting an opportunity to develop smarter policies moving forward.

A New ‘Regulation-Lite’ Framework is Needed

2024 saw plenty of promising bank-fintech regulatory developments. But we also witnessed overregulation and indiscriminate application of rules that sowed further uncertainty.

Community banks, in particular, have suffered in the aftermath of Synapse’s failure, as regulatory bodies threatened to paint every institution with the same brush regarding their third-party partnerships. At the same time, some FDIC field examiners have been interpreting rules differently depending on the examination in question.

Before advancing any additional regulation, it’s critical that regulators focus their efforts on the real culprit rather than placing all fintech-bank partnerships in the same bucket. In other words, deposit-oriented solutions—and related consumer protection and money laundering risks—should be prioritized, given the complexity of ongoing reconciliations and the potential fallout for consumers (e.g., with Synapse).

Other functions, like digital loan participation platforms, should be treated differently, as they represent a healthy model of strong bank-fintech governance and partnership.

Once they’ve homed in, regulators should consider a “regulation-lite” framework that encourages ongoing innovation and collaboration while ensuring both parties meet appropriate standards. This could take the form of a relatively simple checklist for both parties that factors in relevant questions, such as:

  • Do you have robust due diligence programs in place (e.g., related to anti-money laundering, know-your-customer, and adequate recordkeeping for deposits received from third-party/non-bank entities)?
  • Do you have full visibility into relevant ledgers and your partner’s financial performance?
  • Do you have a contingency plan in place should the partnership fail?
  • Are roles and responsibilities clearly assigned between you and your bank/fintech partner?
  • Have you identified an appropriate scope and frequency of reporting (e.g., on partner’s performance, risk management audits)?

Best Industry Practices

Several organizations offer useful blueprints for others to follow. Banking-as-a-service vendor Treasury Prime fully integrates its ledgers with its client banks’ core systems and holds its application programing interface’s underlying code in escrow—so if the company went offline, banks would still have access to the fintech’s database and could continue leveraging its API.

Similarly, Chime Financial designs its relationships with banks to protect its customers in case of failure.

"Not only does each of our partner banks have complete access to the relevant ledger, they also each have full visibility into Chime's financial performance, enabling them to plan for and anticipate potential disruptions," Chime said in response to the federal agencies’ RFI last year. "Consequently, our members would be protected in the event of an operational disruption."

On the bank front, a recent report from law firm Troutman Pepper suggests that compliance teams should focus on “ledgering hygiene” that requires fintech firms to have separate accounts that “more clearly delineate funds for customers, operations, payment fees to third parties, contingency reserves, and network settlement.”

More Collaboration Equals More Innovation

Fortunately, last year’s tumult stimulated more cooperation and information sharing. This is a positive indicator of where the bank-fintech relationship could be heading.

For instance, since launching in the fall of 2024, the Coalition for Financial Ecosystem Standards has worked among its members and alongside regulators to develop standards for third-party relationships.

Yet more can be done. As I’ve previously argued, bringing back regulatory sandboxes in this area would allow fintech to gain needed experience in the banking world while fostering continued innovation in a safe, monitored, and risk-averse manner.

Though there may be more twists and turns ahead, banks and fintechs need each other more than ever. A regulation-lite framework that fosters innovation, transparency, and proactive engagement among key stakeholders can help both parties reach their full potential.

Source: Finance Magnates