At Swan, we understand the challenges and complexities of embedding banking features partnering with a Banking-as-a-Service (BaaS) provider. One of the most critical aspects of this process is navigating the intricate landscape of compliance and fraud prevention.
That's why we've taken a unique approach by assuming full responsibility for all regulatory requirements on behalf of our partners, allowing them to focus on their core competencies and provide exceptional solutions to their customers.
Today, we will discuss the importance of compliance responsibility in the context of embedded finance. We highlight the limitations of conventional BaaS models and showcase how Swan's innovative approach not only simplifies the process but also effectively addresses the issue of accountability in the fight against fraud and other financial crime.
Why accountability in compliance matters
Swan’s regulatory set-up has many benefits for our customers, who don’t need to exceed their areas of competence by building in-house compliance and anti-fraud capabilities. But this is not the only advantage of our model. We believe we solve the accountability deficit around compliance Simon Taylor discussed in a recent article.
When there isn’t clear responsibility for failing to properly manage risk, incentives can simply run wild. This can lead to unfortunate outcomes like what has been observed at Cash App, where allegedly over 50% of user accounts may be fake as a result of lax KYC processes. Cash App outsources core banking functions to Sutton Bank, a regional bank based in Ohio, USA. It pays Sutton Bank to ‘rent’ their banking capabilities: their license, their ability to create FDIC-insured bank accounts, to issue cards, etc. At its most basic, to move and store money.
Swan’s customers partner with us to do, essentially, the same thing. We use our status as a regulated E-Money Institution to create bank accounts, issue cards, and orchestrate transfers on behalf of our customers and their users.
At the end of 2022, Cash App reported a staggering 51 million active users. That is approximately one out of every six Americans. Now, as a regional bank primarily focused on issuing loans to farmers, it is unlikely that Sutton Bank has the ability to handle the KYC and risk management processes needed to onboard millions of people from every corner of the nation. Luckily (or unluckily, depending on your perspective), there is no regulation mandating them to do so. Ostensibly, Cash App has the technology to take care of this!
But again, incentives rule. Cash App wants more accounts, more money being moved, and more people onboarded who can purchase auxiliary products like loans or crypto trading. Sutton Bank, on the other hand, wants to maximize deposits. So they can lend greater sums to more farmers. This is obviously a dangerous embedded finance set-up. The entity with the banking credentials is not responsible for anti-fraud measures and is incentivized to maximize deposits. The technology company, without a regulatory mandate, assumes responsibility to prevent fraud and ensure compliance. But, they are hardly experts either. They are technologists, not bankers.
Who holds the ultimate accountability in this scenario?!
How most BaaS companies put together their regulatory frameworks
When most companies partner with a BaaS to build banking features into their product, they are required to pursue a costly and lengthy process to become a regulated agent. Even if payment and e-money institutions are still responsible for security and compliance, agents must put several policies in place to comply with regulatory requirements.
In practice, these requirements have a big effect on the firm bringing payment products to market. Before they can go live, they must hire a compliance team to take care of preparing the necessary paperwork, manage relationships with the regulatory authority, and a risk team to fight against fraud.
This, of course, costs money but, perhaps more crucially, it forces firms to step outside of their zone of competence and establish an entirely new function that has little relation to the rest of the business. An entirely new knowledge base must be cultivated, the right leaders hired, and airtight processes implemented without prior knowledge. This can be a daunting task.
Delegating responsibility for compliance to clients also does not solve crucial accountability questions. Logically, the buck ought to stop with the BaaS provider. As the fully licensed banking institution (not to mention the entity being paid many thousands of Euros), the provider should be held accountable if money is laundered through their accounts or if they allow unsavory persons to receive cards. But, a model in which a BaaS compels its customer to get regulated, creates an accountability no man’s land.
If you think about it, a BaaS with 250 clients who are all regulated PIs and thus have their own unique compliance and fraud prevention regimes would have a terribly difficult time understanding the set-up of every customer. In the end, they would not even be able to effectively remediate any major issues that might arise.
Swan is built differently than other BaaS players. We do not require our partners to become regulated agents. Instead, we handle all the regulatory requirements ourselves. We do this so that our customers can launch their new finance features quickly, of course, but there is another even more important reason: accountability.
Swan’s approach to accountable compliance
We truly believe that we have the most customer-centric and end user-centric approach to combating fraud and other bad behaviors. Our method is simple. Swan is responsible for implementing KYC, AML and other associated processes on behalf of our partners. Our customers absolutely do not need to become regulated agents. When they sign with us, we promise to take care of the complicated and messy stuff.
It might be useful, in fact, to consider that our regulatory approach is itself a core part of our product offering.
It all goes back to our origin story. Our founders started Swan because they wanted to embed a finance product at their former company. When they began researching how, they found that none of the options in the market met their needs.
As developers, they wanted to have the ability to focus solely on building excellent products. They found the regulatory requirements from legacy BaaS providers unreasonable and set out to build a new BaaS that could properly productize regulation & compliance, so that customers could focus on what they know best.
KYC? We own it. Transaction monitoring? Our responsibility. Accountability to regulatory bodies? Solely with us.
We just see it as logical. Our partners are experts on their industries. They know the pain points, what makes companies run smoothly, and the psychology of folks working in them. That is why they are building innovative new products for them.
We are experts on accounts, payments, and cards. And how an institution offering these products functions. We know the pain points, how to build performative anti-fraud processes, and how to comply with the requirements of regulators. Our fraud levels are way below average in the industry. This is why we are responsible for compliance and regulation.
Accountability in compliance is in our DNA
Since the very genesis of Swan, we have been steadfast in our conviction that embedding finance should be fast, easy, and safe.
Our unique approach of assuming full responsibility for compliance, risk management, and anti-fraud on behalf of our partners effectively addresses the issue of accountability in the fight against financial crimes. This allows our partners to focus on what they know and do best: delivering excellent solutions to their customers.
As experienced payments and banking experts, we are well-equipped to manage these responsibilities, ensuring a seamless experience for both our partners and their end-users. By taking this approach, Swan has set itself apart from conventional BaaS models and continues to redefine the landscape of embedded finance.