In what seemed like the climactic denouement of a top-billed WWE wrestling match, the FDIC came flying off the top rope on Tuesday with a proposed rule change that will send the banking-as-a-service (BaaS) ecosystem reeling, requiring a crack medical team to drag both third-party fintechs and their banks sponsors off the mat and back to the dressing room.
As a result of the Evolve Bank, Mercury, and Synapse debacle (which is still playing out), the government run banking agency (a 5-member board of Presidential appointees requiring Senate confirmation) is proposing to to force banks to maintain detailed records of the ownership of for-the-benefit-of (FBO) sub-accounts, and the respective balances thereof, in addition to the third-party fintechs under whose name the pooled account is held, and who are already supposed to be responsible for the same data tracking and record keeping.
With the recent surge in consent orders to banks sponsoring BaaS programs, this new FDIC rule is sure to depress the appetite for bank participation. It will also roil the third-party fintech provider side of the market (neobanks, fintech originators, and mobile wallet-based alternative payment systems) as they scramble to figure out how to be compliant, how to convince a bank to sponsor them, and where to even find a sponsor bank as the new rule, at least in the short term, is likely to spook the handful that are still active in these partnerships.
And there will certainly be banks and fintechs that bail-out altogether – banks for liability reasons and fintechs that don’t have sufficient runway to fund operations until this new chapter plays out.
But the FDIC rule ought not to be understood as a BaaS killer. The rule may cause severe pain to the industry in the short term, but it’s indicative of growing pain, not a terminal condition. Digitalization has precipitated a (healthy) co-dependency between banks and fintechs, and this need to work together, within the framework of the new regulation, should spur further innovation between the two, compelling them to continue to make these services available to consumers and SMBs, while at the same time safeguarding their respective assets. Alternatively, it may very well initiate a wave of fintech/fintech and bank/fintech consolidation. As to the latter, it’s easy to imagine, from the bank sponsor perspective, a desire to acquire these fintechs, especially the financially vulnerable ones with good tech, if they need the technology (they do) and they’re going to be on the hook for capturing ownership and balance information anyway. It becomes a no-brainer to at least explore strategies to fold these fintechs into existing operations.
Lastly, and this point is for the true fintech and banking news junkies, the timing and substance of the new FDIC rule is somewhat ironic given the CFPB is supposed to issue its final guidance on open banking regulation (Section 1033 Rule) between now and the end of the year. The substance of which is the framework within which consumer financial data is to be made easily accessible and portable by the banks so that, with users’ permission, it can be shared with third-party providers. Thus, at the same time these new guidelines dictating how banks are to share information are rolling out, the FDIC is forcing banks to store and protect even more of it.
…more like a WWE match than I thought.
