Two fintechs give credit unions banking-as-a-service capability

Two technology vendors are working to adapt the banking-as-a-service model for credit unions.

The BaaS model allows third-party institutions to partner with licensed banks to build new services for customers. Mbanq's credit union service organization will use application programming interfaces to take a similar approach to smaller credit unions.

“Oftentimes, credit unions are suffocated by their existing infrastructure because the cost to purchase a new terminal solution exceeds their economies of scale,” said Mbanq CEO Vlad Lounegov. “But the way that we proposed the credit union-as-a-service together with Temenos is to deliver services to clients that function using the same foundational technology, and then work from there.”

Unlike a traditional credit union service organization, Mbanq CUSO is meant to be broader in scope, handling technology, compliance and back-office operations. The offering could also help de novo credit unions get up and running quicker, according to Mbanq.

Utilizing the Geneva-based Temenos’ Banking Cloud technology, Mbanq will offer what Lounegov calls a “templated approach” that allows both vendors to focus less on building wholly-new core systems for each client, and more on creating tailored services that suit the wants and needs of each institution.

“You can have a very strong focus on members that represent a certain community or you can have a focus on a certain trade, but at the end of the day the technology and distributed services end up functioning the same across different credit unions,” Lounegov said. “So at the end of the day, there’s no need to reinvent the wheel.”

Brad Smith, a partner at the Scottsdale, Arizona-based advisory firm Cornerstone Advisors, said that there are potentially significant benefits to the credit union industry through an CUaaS offering by lowering the barrier to entry for de novo credit unions.

However, regulatory concerns about such a service will make or break its success.

“Anytime you try to do the first thing in a regulatory environment, it takes an awful amount of work and the end result is not guaranteed,” Smith said.

The main benefit of “as-a-service” offerings that helps to fuel innovation is in part due to their transparency and openness. By opening up an institution’s application programming interfaces, or APIs, it facilitates easier integrations of new services into an institution’s core platform.

A report from Cornerstone Advisors found that out of 260 community-based bank and credit union executives surveyed in the fourth quarter of 2020, 53% had already integrated APIs into their organization.

“We’ve seen an uptick in credit unions coming to market to solve specific issues that they’re having and while not all of them are looking to instantly move their back office processes, most are looking to improve their digital capabilities,” said Philip Barnett, president of strategic growth at Temenos and member of the executive committee. “We often talk about how we’re working to make banking better, and our view is that the best technological banking capabilities should be available to any institution, regardless of their size.”

As beneficial as increased ease of integration is, it can similarly lead to an increased cybersecurity risk and leave credit unions open to hacking attempts.

Salt Labs, a unit of Salt Security in Palo Alto, California, published a report in July in which its researchers tested the online platform of an unnamed large financial institution that works with partnered banks and financial advisors to offer API services.

Vulnerabilities that were found and then exploited by researchers allowed them to view customers’ financial records, delete customer accounts, perform account takeovers and conduct denial-of-service attacks.

Data from the Federal Bureau of Investigation’s Internet Crime Complaint Center logged a cumulative total of five million complaints from citizens since its founding in 2000. Approximately 14 months after last year’s reporting, there were one million more.

As cybersecurity becomes a larger concern for financial institutions, Temenos will leverage the security built into its open cloud platform to protect partnering institutions from hacking attempts and continue to adjust the CUaaS program to better suit the changing needs of consumers.

“We've been proactive with the customers to test the service proposition by executing some proof-of-concepts to obtain results, while also responding to customer needs in the marketplace,” Barnett said.

Additionally, the National Credit Union Administration’s board of directors met this month to discuss the cyber risks faced by the credit union industry, wherein the agency reviewed internet crime statistics and examined how its Automated Cybersecurity Evaluation Toolbox could best serve the broader industry.

For reprint and licensing requests for this article, click here.
Credit unions Technology
MORE FROM AMERICAN BANKER