Dude, Where’s My Bank? “Banking As A Service” Leaves Customers and Regulators in the Lurch

“Banking is necessary,” Bill Gates once said, “but banks are not.”?Silicon Valley has taken these words to heart. Fintech apps have attracted customers who might once have opened bank accounts by offering higher interest rates on deposits, easier access to loans, and a host of other features. But almost all of these apps have one thing in common – they are connected to a bank in some way.? And when that connection fails, as in the case of the recent collapse of a fintech service provider, customers have learned that a fintech app and a bank can be two very different things when it comes to getting their money back.

Fintech apps attract customers in many ways. Two of the largest, CashApp and Chime, offer convenient payment services.? Others, such as Yotta, rely on a more gamified experience, awarding lottery tickets to customers. Juno connects cryptocurrency holders to the banking system.? All of these apps come with an end-user interface that allows customers to withdraw and deposit funds, pay bills, and conduct other bank-like activities on their phones.? ?In order to connect to the payment system and obtain federal deposit insurance for their customers’ funds, these fintechs must establish relationships with an FDIC-insured bank.? Fintechs typically disclose that they are not a bank, but that they maintain an account for customer deposits with a bank.? The fintech, however, will usually open only a single deposit account, known as an “FBO account,” in its name (and not the names of its customers) at the bank.? The bank relies on the fintech to maintain a deposit ledger for the fintech’s customers and follows the fintech’s directions for customer deposits and withdrawals.?

The largest fintechs connect directly to banks.? New fintechs seeking to enter the market often seek to avoid the expense and complexity of developing their own accounting interface with their banking partners.? Enter Synapse Financial Technologies, a firm that provides so-called “middleware” to fintech providers and allows banks access to its systems.?This combination of an FBO bank account, a middleware technology provider, and an app-based end user interface is common to many fintechs, and has become known as “banking as a service (BaaS).”?

Because Synapse dealt only with the fintech apps who were its customers and their banks, it was invisible to fintech customers — until May of this year, when it filed for bankruptcy.? The company was funded by venture capitalists, grew rapidly, but never made a profit.?? The loss of a large customer and a dispute with a bank, Evolve, that was used by many fintech apps forced it to shut down.? When Synapse turned off the “dashboard” that allowed Evolve to respond to fintech customer requests for deposits, withdrawals and payments, Evolve froze the FBO accounts held in the name of the fintech apps.

This left customers of Yotta, Juno, and other fintech apps without access to their funds. A trustee appointed by the bankruptcy court reported the possibility of a shortfall of as much of $96 million in customer funds. Synapse and Evolve blame each other. Three months of proceedings before a bankruptcy court have failed to resolve the dispute, and banking regulators have found themselves powerless to help.

The fintech/middleman/bank structure, as a commentator in The American Propsect put it, “appears almost perfectly calibrated to avoid regulatory oversight.”? Evolve Bank is not insolvent, so the FDIC’s deposit insurance has not been triggered (And even if it was, the failure of Synapse’s systems means that the bank and the FDIC wouldn’t know who to pay anyway). Fintech apps may be required to register with state agencies as money service businesses, but in this case the app operators deposited their funds with an FDIC insured bank and relied on a third party for accounting services.? Synapse itself, which never dealt with the customers of the fintechs directly, is probably totally unregulated.

The federal banking regulators scrambled to fill this hole in the system, an example of? “regulatory arbitrage.” They issued a joint statement in July noting the multiple ways in which BaaS relationships can be structured and the risks associated with them.? Besides the obvious risk that the bank simply may not be able to process deposits and withdrawals, the joint statement also notes that BaaS arrangements can make it much more difficult for banks to fulfill their compliance obligations, police money-laundering, and maintain adequate capital.? The statement urges banks to take steps to mitigate these risks, including developing a contingency plan in the event a provider is unable to continue in business.

Evolve Bank almost certainly did not have such a contingency plan and as recently as last week posted a statement on its web site notifying customers that it was still trying to obtain an accurate ledger from Synapse that would allow it to resume deposit activities for affected fintech customers. Evolve’s primary regulator, the Federal Reserve Board, issued an enforcement action against the bank in June, citing “deficiencies in the bank's anti-money laundering, risk management, and consumer compliance programs.” At about the same time they issued their joint statement, the federal banking regulators also issued a “Request for Information on Bank-Fintech Arrangements Involving Banking Products and Services Distributed to Consumers and Businesses.” The request, which is often a prelude to new regulations, describes multiple fintech-bank relationships and requests banks to comment on the types of risks presented by them and the ways in which they can be mitigated.

Fintech applications grew in popularity in large part because they tried not to act like banks.? Users like their easy-to-use interfaces, their higher deposit interest rates, and the various gimmicks and tie-ins that they use to attract customers.? Because they are relatively small, relatively new, and mostly unregulated, they can take more risks than established financial institutions.? Banks, on the other hand, are creatures of a regulatory system that aims to protect customers from financial institutions that take too much risk.?

?Customers take comfort in the knowledge that their money is safe at a bank. Risks like the one presented by the Synapse collapse arise when third parties insert themselves between the customer and the bank.? Fintechs, banks, and regulators can all take steps to reduce the risks inherent in the BaaS process.? But the best way to ensure that your money will be available when you want it is to deal directly with a bank.? Bill Gates’ prediction of the demise of banks still looks a bit premature.

?The federal banking regulators’ joint statement on BaaS risks is available at https://www.federalreserve.gov/newsevents/pressreleases/files/bcreg20240725c1.pdf

My podcasts, “Risk Management for Financial Institutions - How Banks Stay Safe and Sound” and ”Not Too Boring to Fail, Part II – How changes in investment strategies affect the life insurance and annuity industry,” are available at https://www.youtube.com/watch?v=2kNWCLQp678 and https://www.youtube.com/watch?v=zeD1txRMxbM

Fred Egler is an independent consultant who advises on operational risk issues at financial institutions, including banking, securities and insurance. He is also a member of the National Roster of Arbitrators of the American Arbitration Association.? He can be reached at [email protected].

?

?

?