Alexandra Barrage, a partner in Troutman Pepper’s Corporate Practice Group, was quoted in the July 26, 2024 American Banker article, “What Is the Cost of Doing Banking as a Service ‘Well’?

“In my experience, there is always some tweaking,” said Alexandra Barrage, a partner at Troutman Pepper.

Leaders across the bank – from board members to the C-suite to senior management – should be steeped in the risks banking as a service brings, including those of vendors failing, losing access to critical data and being locked into contracts with problematic partners. Board oversight is a frequently criticized area in enforcement actions, points out Alt.

To prepare for the more granular questions that are seeping into exams, Barrage recommends that banks engage in mock exams and analyze their weak spots.

“That kind of exercise has happened outside of banking as a service but more banks are thinking about it as a way of pressure-testing themselves,” said Barrage.

Contingency planning also doesn’t get enough attention.

“Most banks think about contingency plans in terms of cyberattacks, but they need to broaden their thinking,” said Barrage. “Third parties could file for bankruptcy. They could hold the keys to customer data and reconciliation of accounts.”

For Barrage, the bigger focus should be on internal stakeholders understanding the specific risks associated with banking as a service.

“In general I don’t think these relationships raise any new types of risks,” she said. “If the existing compliance team has a granular understanding of all of those risks, it’s not clear to me that every bank needs to have a BaaS-specific compliance team.”