Banking-as-a-Service is a model in which licensed financial institutions expose their regulated banking infrastructure to non-bank businesses through APIs. This allows those businesses to embed banking products — accounts, payments, cards, lending — directly into their own platforms and customer experiences. BaaS is the infrastructure layer that makes it possible to offer virtual IBANs, payment accounts, and embedded financial services without holding a full banking licence.
What It Is #
Traditionally, offering banking services required a banking licence — a costly, years-long process involving regulatory approval, capital requirements, and ongoing compliance obligations. BaaS changes this by separating the banking infrastructure (the licensed, regulated layer) from the customer-facing product (the interface and experience the end user sees).
A BaaS provider — typically a regulated bank or licensed e-money institution — handles the compliance, regulatory capital, risk management, and core banking operations. The platform using BaaS controls the user interface, product design, and customer relationships. The result is banking functionality delivered under the platform’s brand, powered by regulated infrastructure underneath.
This model has enabled an entire generation of fintech platforms to offer financial services that previously required building or acquiring a bank.
The BaaS Stack #
| Layer | Who Owns It | Examples |
|---|---|---|
| Banking licence and regulation | BaaS provider (licensed bank or EMI) | Licence, capital requirements, FCA/BaFin authorisation |
| Core banking infrastructure | BaaS provider | Ledgers, payment rails, clearing, settlement |
| API layer | BaaS provider (consumed by platform) | Account creation APIs, payment APIs, card issuance APIs |
| Product design and UX | Platform | Interface, user flows, dashboard |
| Customer relationship | Platform | Onboarding, KYC, customer support |
| Brand | Platform | White-label presentation |
What BaaS Enables #
BaaS allows platforms to offer a suite of embedded financial services natively within their product:
Virtual IBANs — Every user on the platform can be issued a dedicated IBAN — a real, functional bank account number — used for receiving payments, holding balances, and executing transfers. Powered by BaaS infrastructure, these IBANs connect to SEPA and SWIFT payment rails without the platform needing its own banking licence.
Payment Execution — Invoice settlements, early payment disbursements, and supplier payments are executed through BaaS payment rails. These support same-day or next-day SEPA transfers at scale, with full transaction traceability.
Embedded Accounts — Users can hold working balances on the platform — collecting receivables into their virtual IBAN, deploying surplus cash via dynamic discounting, and managing payables — all without leaving the platform.
Card Issuance — BaaS infrastructure enables platforms to issue virtual and physical payment cards to users — supporting procurement spending, expense management, and cashback programmes.
BaaS vs. Traditional Banking Integration #
| Dimension | BaaS | Traditional Banking Integration |
|---|---|---|
| Licensing requirement | Not required — BaaS provider holds licence | Required for regulated activities |
| Speed to market | Weeks to months | 12–36 months minimum |
| Product control | High — platform controls UX | Low — dependent on bank’s systems |
| Cost | API-based, variable | High fixed costs, correspondent fees |
| Scalability | Scales with transaction volume | Requires renegotiation at scale |
| Compliance burden | Shared with BaaS provider | Fully on the platform |
| Customer experience | Seamless, embedded | Friction — often redirects to bank portal |
BaaS and Regulatory Compliance #
The BaaS provider holds the regulatory licence and assumes primary responsibility for AML, KYC, and prudential compliance at the infrastructure level. However, platforms using BaaS are typically still required to perform customer-facing KYC and comply with applicable regulations in their own right — particularly where they are classified as registered agents or appointed representatives of the BaaS provider.
This means:
- The BaaS provider’s licence covers the payment and account infrastructure
- The platform conducts customer KYC/KYB as part of its own compliance programme
- Suspicious activity reporting and AML monitoring operate at both levels
- Regulatory changes (e.g. PSD3, new AML directives) are absorbed primarily by the BaaS provider, reducing the platform’s regulatory maintenance burden
Practical Example #
A platform wants to issue every supplier on its platform a dedicated virtual IBAN for receiving early payment disbursements. Without BaaS, this would require applying for an e-money licence (6–18 months, significant capital requirement), building core ledger infrastructure, and establishing direct connections to SEPA payment rails.
Instead, the platform integrates with a BaaS provider. Every new supplier onboarded to the platform is automatically issued a dedicated IBAN. Early payment funds are credited to this IBAN within minutes of disbursement. Suppliers can view their balance in real time, transfer funds to their main bank account, or hold them on-platform for deployment via dynamic discounting.
The BaaS provider handles settlement, clearing, and regulatory compliance. The platform handles the product experience. Suppliers see only the platform’s brand.
