Banking-as-a-Service could it be your competitive advantage?

January 18, 2023

1- What is Banking-as-a-Service (Baas)?

BaaS is a business model in which chartered/licensed banks integrate their licensable financial processes (e.g. loan origination) directly into the products of non-bank businesses (e.g. FinTechs).

2- What are some examples of the Banking-as-a-Service business model?

One of the most popular models is the lending BaaS model. Under this model the Bank acts as the loan originator for the lending transaction, and the FinTech acts as the marketing engine and customer support mechanisms for the transaction. In the United States, lending is by - and - large a licensable activity. Without partnering with a Bank, a FinTech may need to collect licenses from all 531 US jurisdictions. The BaaS lending model allows FinTechs to reach a larger market at record speed and without considerable administrative pain and effort.

3- Why enter into the Banking-as-a-Service business model?

There clearly are benefits for each party. The bank can leverage the FinTech’s ability to dive into niche markets and attract an expanded demographic of customers. For FinTechs, the arrangement relieves the enormous pressure of licensing; which is both time consuming and expensive. Depending on where the FinTech desires to operate, and the business model, financial infrastructure arrangements with the partner bank can completely eliminate licensing headaches. There are additional advantages, but we have found the one captured here to be one of the most popular.

4- What is a Banking-as-a-Service platform?

A BaaS platform is an intermediary service provider. The BaaS platform is connected with one or more banks or licensed financial institutions, allowing them to act as a reseller (of sorts) of the financial institutions BaaS solutions. The BaaS platform then provides a suite of front-end financial solutions that the FinTech can leverage for their products and services.

5- What is the difference between Banking-as-a-Service and open banking?

The difference between the two is fairly simple: open banking provides access to data, whereas BaaS provides access to the bank’s functionality.

6- How does BaaS relate to Financial Infrastructure Providers?

A Financial Infrastructure Provider is the broader category that includes Banks that operate within the BaaS Model. Other Financial Infrastructure Providers include licensed financial institutions that solve money transmitter licensing requirements, often associated with payment processing solutions.

7- What types of risk management systems should a FinTech have in place to meet financial infrastructure compliance requirements?

This depends on the product that will be delivered to the customer. A great place to start to understand the likely compliance requirements is viewing the examination materials of the FDIC2 and the OCC3. These provide a glimpse into the compliance requirements of the potential bank partner, and many of these requirements will be passed through to the FinTech. When building your compliance program don't forget about the program's continuity, we covered this topic here Compliance Continuity Plan: A 2023 Must-Have For FinTechs.

8- How can a FinTech educate its employees on regulatory requirements and how to support the FinTech’s overall compliance efforts?

Several providers have created regulatory-based compliance training for the banking industry. The problem is that the more niche the FinTech’s product is, the less likely there is off-the-shelf training that captures these unique processes. Having a seasoned compliance professional who understands both the spirit and letter of the regulation is invaluable in filling this gap.

9- How many banks provide Banking-as-a-Service solutions?

While there are a number across the world,  in the States there are over 25+ BaaS and financial infrastructure providers. Some of the largest US-based BaaS providers include: Cross River Bank, Evolve Bank and Trust, and WebBank.

10- What areas of compliance under the BaaS model are fairly universal, regardless of the front-line product or service?

Regardless of the FinTech’s front-end product; the following compliance programs are the bare minimum required to be implemented: Anti- Money Laundering Program; Complaint Management Program; Marketing Compliance Program; Privacy Program; Data Security Program; and the Third-Party/Vendor Risk Management Program.


1 50 states; District of Columbia; Puerto Rico; and Guam.

2 Federal Deposit Insurance Corporation: one of two federal US agencies that supply deposit insurance to depositors in American depository institutions

3 Office of the Comptroller of the Currency: an independent bureau of the U.S. Department of the Treasury.  The OCC charters, regulates, and supervises all national banks and federal savings associations as well as federal branches and agencies of foreign banks.

Visit AskDegree for the latest risk management and compliance trends impacting the digital world.