MDIs in the New Age of Banking as a Service (BaaS)

The Emerging Opportunity for a 2.0 Reset 

Minority Depository Institutions (MDIs) have long served as vital anchors in their communities, providing essential financial services and fostering economic growth. In today’s rapidly evolving financial landscape, new business models and technologies are presenting both significant opportunities and complex challenges. Among these, Banking as a Service (BaaS) is a business model under active consideration by MDIs. 

In a recent survey among NBA members focused broadly on fintech partnerships, respondents expressed interest in piloting a software platform designed to monitor BaaS partnerships. This willingness to explore specialized tools for managing BaaS relationships points toward tangible interest in adopting or engaging with this business model. 

BaaS offers MDIs a pathway to expanding their reach and, more importantly, increasing their deposit base. However, pursuing these opportunities requires careful navigation of inherent risks. 

MDIs face significant perceived risks when engaging in technology partnerships, including those that underpin BaaS models. Operational risk is frequently ranked as the highest — or second highest — magnitude risk by survey respondents evaluating potential fintech partnerships. Regulatory risk is also a consistent top concern, often ranked as the first or second most significant. Other risks identified include reputational and financial risks, though these are often ranked lower than operational and regulatory concerns. 

Beyond risk identification, MDIs also highlighted the practical challenges of managing these partnerships. Challenges most frequently cited by respondents include “lack of visibility into fintech operations” and “regulatory compliance.” Inadequate risk monitoring tools and resource constraints were also commonly mentioned. 

Given this landscape of interest in BaaS opportunities — coupled with clear concerns about managing the associated risks and compliance requirements — the path forward for MDIs is clear: they must identify risk-adjusted partnership options to increase their deposit base while avoiding penalties for failing to supervise partners. 

The regulatory environment is unforgiving. Failing to effectively supervise third-party relationships — including BaaS partners — can lead to significant regulatory scrutiny and potential enforcement actions. The data on bank enforcement actions paints a stark picture: receiving a formal enforcement action from a primary federal regulator can severely impact a bank’s survival prospects. A recent analysis by the Klaros Group reveals that for small community banks, especially state non-member banks (FDIC-regulated) with less than $100 million in assets, the five-year survival probability after receiving a formal order was a mere 41%. 

To effectively identify risk-adjusted BaaS options and supervise partners to avoid penalties, MDIs need appropriate tools and strategies. NBA members have identified several advanced technology strategies for monitoring fintech partnerships. These create a highly auditable and secure foundation and include: 

• Pioneer and build an advanced adjacent core platform 

• Implement real-time risk monitoring 

• Automated compliance checks 

• Embedded integration with regulatory requirements 

• Audit trail and reporting 

One MDI has distinguished itself as a leader in financial innovation by pioneering its own advanced technology components to facilitate embedded banking while maintaining rigorous risk controls. To mitigate both internal and external fraud, the bank developed unique operating lanes that restrict payments to pre-approved destinations. Their proprietary approach includes a zero-trust architecture and near-real-time risk management systems. These systems — equipped with “brakes and kill-switches” for irrevocable payments — pre-dated industry standards like FedNow. By integrating digital identity tokens directly into their APIs, they ensure that fintech partners only initiate transactions for KYC-verified entities, creating a highly auditable and secure foundation for their BaaS operations. 

Conclusion 

BaaS represents a potential “2.0 Reset” opportunity for MDIs to innovate and grow. However, unlocking this opportunity safely requires a strategic, risk-aware approach. MDIs must prioritize investing in leading technology, conducting rigorous due diligence in selecting partners, managing operational and regulatory risks, building effective oversight and compliance tools, and ensuring thorough supervision of all third-party activities. Only by doing so can they harness the benefits of BaaS while mitigating the severe consequences of non-compliance. The time to assess these opportunities and prepare for the associated complexities is now.