- Valuation Model
- Expert Interviews
- Founders, funding
What are the advantages and disadvantages of Synctera's BaaS platform giving banks unique visibility into the activities of their integrated fintechs?
Peter Hazlehurst
Co-founder & CEO at Synctera
Building a BaaS platform is fundamentally just hard. Doing it right entails a lot of fixed cost engineering and product work.
One of the things that's particularly challenging is, when you work the way we work, where each checking account or savings account is rolled up into one giant checking account at the bank, called an FBO (For Benefit Of) account, if you are at the bank, all of the tools and infrastructure you have at your bank doesn't actually apply.
Normally, in a core banking system, you have dashboards that say, "Yesterday we onboarded 500 new customers, and yesterday, 7,000 transactions occurred," etc. With an FBO model, all they see in their core banking system is there's a giant checking account with $6 million in it.
Historically, many of the banks didn't push hard enough to say, "I want visibility into everything that's happening downstream inside those accounts, and because I'm responsible, I need to know. Please, tech provider," or fintech alone, because a number of these fintech programs, there was no banking service provider at all. It was just fintech-to-bank. "Give me visibility into it."
So what started to be generated were maybe weekly or monthly export files, like dashboard, "Here's a list of all my customers, and a list of my transactions.” But the prerequisite of that is something on the other side at the bank to ingest that and do analytics, thinking, and flag transactions for KYC, money laundering etc.
We took a fundamentally different approach, which was to say the data in our program has permission-based access depending on who you are and what you're doing.
As a consumer, it's your data. That's pretty straightforward. When you log into your mobile app, you should be able to see your transactions and have transparency as to where the money went, if there's a hold on my account because I went to the gas station etc. Then, it's pretty obvious that, as a fintech, you want to be able to look at that data in a PII-sensitive way.
So you probably don't want to see each individual consumer’s first and last name and things like that, because you are really focused on the analytics—"What's my KYC funnel? Is everybody failing because they're putting in their address wrong?" That sort of stuff.
We added the raw ledger, the core of this infrastructure, and we said, "Consumers, you get access to your data. Fintechs, you get access to your fintech consumers data. We, Synctera, have visibility." Then we said, "Hey! Bank.
You have access to all the fintech's data and all of the consumers within that," and then we, Synctera, sit across all of them with the ability to say, "Hey! I'm spotting trends of bad behavior over in one fintech, and it's bleeding into another," or "This fintech's doing really well. That one's not doing so great. What can we do to help them?" Building that is actually hard, and we are lucky. We had Kris on our team design an architecture for the ledger, the core that incorporated that from the get-go.
Now, the next evolution of that is actually multi-bank support, which is one fintech spanning multiple banks with their customers distributed across them, and making that easy from an analytic and a thinking perspective. If you don't have that, everything else becomes more challenging.
If you're a bank and say, "Hey! Show me my exposure to transactions over $1000 across all of my customers?" and you don't have access to the data, how do you do it? You can't do it because, based on the information in the FBO account, it's not there. In the FBO account, you have three or four transactions a day, a total settlement from ACH, MasterCard or Visa, inflows and outflows, and say, the fintech is generating interest on deposits—there's going to be some math around that.
Why this becomes a challenge for the banks, from a regulatory perspective, is they really need to know. There's been a really good amount of energy lately of helping get access to the information in a thoughtful and safe way, which creates a lot of work. So, if you start from the beginning with that as a premise, it's actually relatively easy to manage the who-can-see-what. You have to do a lot of testing to make sure people can only see what they're supposed to see and that sort of thing.
Atop that, we built a case management system. Ultimately, let's say a transaction is over a limit. You said, "No more transactions over $1000. This user is swiping for $1200." We decline that transaction. Immediately, we create a functional case, and that gets escalated to the fintech and says, "Hey! You're over your limit. What do you want to do?" It may also go to the bank saying, "Hey! This fintech would like a higher limit. Will you give them one?"
We use that as an orchestration between all of the parties—fintech, bank, us—and those two things, the ledger, the core banking system, the case management, aka the workflow system, plugged in together creates this really interesting framework, where you can build lots of unique, interesting, and special cases.
This customer seems to be the same customer over at this other fintech, and we know we had fraud on that customer before, so we introduced the banner product that basically says, "We know for sure this is a bad actor. If we ever see them again on the platform, we're also going to equally treat them in a negative way," but then, you need an appeals process if we get it wrong. So you've got to make sure you've got the ability for people to get out of that problem space if we misidentify someone and so on.
So that's what we built, and because we are running it all in the cloud across multiple banks and fintechs, we have this unique insight as to what's happening. It allows us to then help and instruct our banks on where you should care. It helps them be more efficient so, if they've got other tools on their side that they want to import the data into—either in real time or in batch—we can do that, as well.
There's a couple of really important concepts that we started with, that I think has proven very helpful.
One is that the bank and the fintech are looking at the same page. They're looking at the same number, at the same customer information. They both have equal access to what's going on. I've experienced other models, where the bank calls us and says, "What's going on? We can't find that number." Everybody scrambles around for three days. Here, the concept is everybody's looking at the same page.
The other is that the bank is always able to supervise and oversee how cases are being responded to and closed. This helps facilitate a kind of coaching mechanism like, "Hey! Let's do it like this." It creates this environment where Synctera, the bank, and the integrator or the fintech are all in it together.
The other thing that's really cool is—and we have a marketing term for it—the Synctera Protect. One of the things that we built is a rule engine that we used to call Trust and Verify. If the integrator gives us information, the API, that's fantastic. Everything looks great, but Rule Checker actually looks at the integrity of the records, the regulations, the details of the program, and flags a case if anything looks unusual.
For example, "Hey! Someone KYC'd and that looks good. They onboarded a card and signed up for a new card." but we don't see a cardholder agreement disclosure acknowledged in that flow. The concept here was that of customer journey analytics basically looking at a customer's journey, and trying to nudge them in the direction of doing the right things on your platform so that you can have a more successful platform from a marketing perspective.
We're looking at the customer's regulatory journey, and if anything looks weird, we say, "That's a case." Someone has to look at that. We have to review that. That's helped us find the things that we don't know. If there's a small bug, for example, in an integrator's app, and they forget to do disclosures, you can easily onboard 10,000 customers that you shouldn't have. So, looking for these things, having this kind of safety net that's also looking at the flow, the data, and the events has been very useful for us.