Compliance as a Product in BaaS
Anthony Peculic, Head of Cards at Cross River Bank, on building a fintech one-stop shop
In BaaS, compliance is part of the product, not a back office tax. The real job is not just opening accounts or issuing cards, it is making sure every signup, transfer, and swipe fits bank rules, card network rules, and anti money laundering controls. That changes the user flow itself, because onboarding screens, limits, disclosures, transaction reviews, and manual escalations all have to be designed into the product from day one.
-
Cross River positions compliance as one leg of the bundle alongside accounts, payments, lending, and cards. The point is to let a fintech launch one program without stitching together a bank, processor, risk team, and policy layer on its own. That is why a bank partner can work with Stripe underneath, while Stripe owns the developer and merchant facing software above it.
-
The hard part is visibility. In fintech programs, a bank often does not directly see every end customer and transaction inside omnibus account structures, so the winning platforms build shared ledgers, case management, and rule engines that let the bank, fintech, and ops teams look at the same activity and resolve exceptions together.
-
Comparable players like Lithic show how operational this becomes in practice. Compliance means monitoring every card transaction against rules from the partner bank, the networks, and the processor, then giving ops staff tools to change limits, review alerts, configure programs, and catch edge cases that generic software misses.
The market is heading toward fewer pure abstraction layers and more bank friendly infrastructure. The providers that win will be the ones that make compliance feel like fast software instead of slow manual review, because that is what lets fintechs launch quickly without creating regulatory drag for the bank underneath.