What Happened to Banking as a Service

For a few years, Banking as a Service looked like the rare arrangement where everyone won. Fintechs got to offer bank accounts without a charter, small banks got fee income and a foot in the digital door, and the people using the apps got slick products. I wanted that arrangement to work. Years ago, when I was building a payments product, a partnership like this was exactly what I was looking for and couldn't get. So when the model started breaking in the most visible way possible, I paid close attention, this time from inside a bank rather than outside trying to get in.

The Layer in the Middle

The part of the stack that made all of this possible was the middleware layer, the companies that sat between the chartered bank and the fintech and wired the two together. They handled the ledgering, the payment rails, and a lot of the connective tissue, so a fintech could launch a bank account without building any of the plumbing and a bank could onboard a program without standing up an API team.

It was a clever division of labor. It was also where the responsibility and the record-keeping quietly came apart.

Where It Got Brittle

Here is the structural problem, and it is the kind of thing that looks obvious in hindsight. The money sat in pooled accounts at the chartered bank. The map of which end client owned which dollars lived in the middleware provider's ledger. The bank was accountable for the funds. The middleware held the truth about who they belonged to.

That works right up until the two records stop agreeing, or the company keeping the map stops operating. When Synapse, one of those middleware providers, collapsed, the failure was not really about technology. It was that nobody could cleanly reconcile the bank's view of the money with the provider's view of who owned it. People who had done nothing wrong could not get to their own money, because the system that mapped them to it was the part that broke.

It comes down to something simple. You should not be accountable for something you cannot see. The banks in these arrangements were accountable for funds whose ownership was recorded somewhere they did not fully control.

What a Community Bank Should Take From It

The lesson is not that BaaS is poison. It is that you cannot outsource the parts you are accountable for. A bank can partner with technology companies, but it has to own the things the charter makes it responsible for, the compliance and the ground truth of who owns what. If the ledger that maps clients to dollars is the bank's responsibility, the bank needs real visibility into it, not a quarterly assurance that everything reconciles.

This is part of why a direct relationship between a bank and a fintech is a different animal than one run through layers. Fewer hops between the accountable party and the actual activity means fewer places for the record and the responsibility to drift apart. It is more work for the bank, not less. That is the point.

Regulators had been clear all along that the bank is responsible for the activity it enables, and what unfolded underscored why that posture exists. It protects the people at the end of the chain, the ones least able to absorb a failure. Engaging examiners early and treating a program as a serious operational commitment, not a revenue line, is what makes a program like this work. A bank that cannot commit to that is right to hold back.

What Survives

I do not think the model is dead. The demand for better digital banking is real, and plenty of banks and fintechs will keep building together. But the version that treated the middle of the stack as a black box you could plug into and forget is over. A bank is accountable for everything it enables, including the parts it chose not to look at closely. That was always true. It just took a painful failure to make it impossible to ignore.