Wrestling Payments

The Fintech Regulation Cage Match

NEACH Season 4 Episode 4

Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.

0:00 | 38:09

Send us a text. (email us if you need a response)

Understanding the Future of Fintech Regulation: The Cage Match BeginsIn this episode of Wrestling Payments, Joe Casali dives into the recent executive order that aims to overhaul fintech regulation. As the landscape shifts, understanding how regulation affects fintech firms, banking partnerships, and consumer protections becomes critical for industry participants and observers alike.

In this episode:

  • The core aspects of the May 19th executive order titled "Integrating Financial Technology Innovation into Regulatory Frameworks"
  • The current fragmented regulatory environment and the gaps fintechs face
  • How executive orders influence regulatory change and the potential scenarios that could unfold
  • The implications of direct access to Federal Reserve accounts for non-banks
  • The disparities across states in regulating fintechs and their consumer protections
  • The potential impacts of the new framework on bank partnerships and the overall payment infrastructure
  • Key questions for the industry moving forward: participant categories, due diligence, dispute resolution, and failure protocols


Resources & Links:

Connect with Joe Casali:

Stay tuned for future episodes as the regulatory landscape continues to evolve, shaping the future of fintech and payments.

 

The Fintech Regulatory Cage Match
Wrestling Payments Season 4, Episode 4

Joe Casali (00:00.984)
Hi, and welcome to Wrestling Payments. That intro always gets me revved up. So today, we're going to talk about something that's happening that's an opinion piece, right? So you notice I'm not in my regular attire, my uniform, if you will. And we're going to talk about something that's really interesting. gets me, I think about these things a lot. That's why this is opinion and not

the, what any ideas that represent Nietzsche or NPG or the banking industry at all. It's my opinions on these things. And what we're talking about today is a recent executive order that came in. It established what we're going to call the FinTech Regulation Cage Match. And what it is is a May 19th executive order called Integrating

financial technology innovation into regulatory frameworks. What does that mean? It's a lot of words. A lot of them are lot of words, but again, this is full opinion. It's just me, the microphone. I have one light on, so it's really unofficial, if you will.

When you look at this topic, you ever see that example of a duck where the duck is floating on the surface? It looks all calm on the surface, but underneath the little legs are moving really, really rapidly. That's what I think of this. There's a lot of other things going on here that need some attention, and it's not simply the words on the page. The big question that we're going to address here or talk about or prompt is,

Who regulates FinTech organizations? And the answer is almost no one.

Joe Casali (01:59.161)
They're regulated like a bank. They're not regulated like a credit union. They're not regulated like maybe an insurance company as well. There's weird regulations or no regulations around fintechs. That's what we're going to work through today.

So let's give an example, right? So I live in Massachusetts, Stoneham Bank, not Stoneham Bank. Stoneham is just a hop, skip, and a jump from here. Say for example, in Stoneham or Canton or Stoughton or Dedham, any of those towns, there's a $300 million financial institution. They're examined head to toe every 12 to 18 months.

Examiners come in, they rip everything apart, they look at safety and soundness, BSA, consumer compliance, capital adequacy, liquidity. The examiners come in the door, they pull all the documents, and they issue findings. Sometimes they issue consent orders that say, is broken, you need to fix it. You need to fix it by this time period. Meanwhile, you could have a $500 million payment

transaction company, an app company, there is no comparable examination ever.

Joe Casali (03:27.982)
This isn't a high verbally. I'm not exaggerating. This is the truth. And if you look at the order, I don't know if I'll repeat this point again, but if you look at the executive order, it's any fintech. So if I went out today and started Joe's Fintech, I could get a Federal Reserve account. That's what the implications are. We're looking at giving equal access to the Federal Reserve for a Federal Reserve account. And just as a note,

At the end, we're going to finish this episode and we're going to look like we're done. But if you want to listen a little longer, have some really interesting after the episode thoughts that I'd like to talk through because I don't know if these questions are raised enough, Fintech is not a bank. They have no traditional deposits. They have no federal charter. No one

said, okay, you have enough to be a financial institution. They live in like a free space, an area that there's no, and we'll talk a little bit about governance, but there could be little to no governance. Even the order actually states it, right? So overly burdensome and fragmented regulation. We're going to talk about that. Collaboration between fintechs federally regulated.

institutions and the federal regulators. Translation, the system's broken. It's a patchwork. I agree. I agree with that. I think there's lots of bodies doing lots of things and some of those are the same things and some of them, there's gaps. This order is looking for a prescription and the question is, can we fill it? So issue number one, going to go through a series of issues, right?

these are right out of the order, encourage you to read the order. It is written like an order, so sometimes it's a little Greek, but it does reference the CFBP, the SEC, the NCUA, the CFTC, the FDIC, and OCC. They're all regulators. They all have their own areas where they examine certain types of institutions. What are they regulated?

Joe Casali (05:51.149)
they regulate charted entities, banks, credit unions, securities firms. We got into the SEC and the CFTC, securities firms, trading companies. If you're looking at a payment app, and let's be fair, a bigger payment app, they do get examined or reviewed by FinCEN. They have to follow AML rules. Maybe not Joe's FinTech company that I start next week. The FTC.

FTC, I'm sure you've seen those findings. FTC finds a company not doing something right and they issue a fine, they do a finding. They're going to cover like maybe deceptive practices, right? Nobody is doing what the OCC does for its national banks to a fintech. Nobody does the comprehensive check.

Issue number two, right? In the Order is written, well, the CFBP will do something. I don't know if you guys remember, but earlier this year, there was an act, the Congressional Review Act resolution, it wiped most of the things that the CFBP was doing off the books. They don't do them, they sent everyone home, they don't have employees, they don't have a budget. They were getting ready to supervise or claim.

supervision authority for large non-bank payment apps. That's what they were getting ready to do. $50 million transaction a year was the threshold, so they're big. Think companies like PayPal, Apple Pay, Cash App, Venmo. They were getting ready to say, here's the structure for you guys. Here are the things we're going to examine. Great. And then Congress just said, no, your CFPP is done. They don't get a budget. They don't get people.

They're not going to do anything. Yet, they're in this order as, well, the CFPP will do this. Then, right, not to get political, I'm trying not to. I know you hear it, but I'm trying not to. The CFPP itself then proposed limiting its own authority to supervise non-banks. So, you know, I don't know how they're in this as a solution. The one mechanism moving forward

Joe Casali (08:07.214)
towards directing the examination, gone. right. Now, issue number three, state licensing. If you realize who is, how a fintech's registered or regulated or what rules do they follow, there are rules called money service business rules. And some of them are modern.

new, cutting edge, they all agree we're going to all follow the same rules. And some of them are not, including a state that we're going to talk about that doesn't have any. So it's not an even playing field. It's not a floor that we can rely on that everyone will do a minimum of this. I know in my own state, and for reasons of shame, I won't mention them even though you can guess it,

They just updated their money service business laws to the point where prior to that, it was as if the laws around the telegraph sending wires over the wire system, literally the wires, was the payment system identified as this is what the rules are for. So, 28 states have adopted the Money Transmission Modernization Act. That's what

That's what Massachusetts adopted after multiple years of trying. 22 states have not. Consumers in those 22 states have the oldest rules, the least protection, and sometimes rules that do not even contemplate any of the payment systems available today. I am going to include in this handout the notes, the show notes.

some images, I'll try to, I'll show you them now.

Joe Casali (10:14.774)
Nope. I will show them to you now.

Joe Casali (10:26.638)
Show them to you now. There we go. Share, there you go. So there's one of the images. It's AI produced. present it with a prompt about how do we compare all of these players in the same way. And you can see that all the financial institutions are regulated. They do have some oversight. But there's a gap where it's a patchwork of

different rules, different levels, different effectiveness maybe. I'm not sure how to put that. As we think of all the different regionals and we'll talk about this, but when you think of the states, I'm sure you heard of New York and their bit license. They also have the highest level of examination for money service businesses. You have to be...

license, you get examined, they're pretty strong. Now on the far end, Wyoming and Montana, there's no meaningful money service business, including one of them that says, if you have a federal one, you're good. We don't actually have one. So it is a spectrum where all of those are discovered. But as we continue on, yep, that's still me. Great.

As we continue on, issue number four is those states, right? Wyoming and the exemption problem. So Wyoming, right? And maybe you didn't know this, Wyoming is the most crypto and fintech friendly state in the country. They were the first to define a utility token as a separate asset class. They created a bank charter, a special purpose depository institution charter where crypto companies could, more easily I imagine,

Don't quote me on that. Get a bank license so that they can do financial transactions. They are exempted from certain crypto transactions. Sorry, they exempted some of the crypto transactions from the money transmitting law entirely. So they're very friendly to it. Montana is the one I mentioned. It's the only state with zero money transmitter licensing requirements. They rely on the FinCEN money service business registration. So whenever you hear

Joe Casali (12:54.022)
a fintech get up and say, we are licensed in 49 states. You know what state they're not licensed in because it doesn't have one. The tension to be pro-innovation with real activity or exempting an activity is not the same as making it safe. So what is the right answer? You've got 49 different, 50 different versions of oversight.

Wyoming consumers have no state license behind their transaction. So if we flip into the idea of, how is a depositor or a user or a consumer protected, I would argue in some states they are not really well protected at all. In New York, they're very protected with the bit license application. Same app, right? So if both organizations, there were two different consumers, one in Montana,

and one in New York, something can happen and the one in New York would be protected and the one in Montana would not. Same app, different protections. There's no floor, right? So that's the challenge. So again, we're just reviewing New York has the most stringent, most consumer protection and Montana and Wyoming are the most permissive and light touch.

The protection depends on where you live. That is not a framework. That is a regulatory lottery. How you turn out is where you live, right? And that doesn't seem appropriate to me. The last section is, the last issue is to point out in section four of the order, that's where the most consequential provisions are.

the least discussed. They're asking, and the timeframes on this are pretty fast, right? The timeframes is I need to report on your observations within 60 days, within 120 days. It's not a lot of days. They're going to ask the Fed to evaluate direct access to the payment rails for non-banks. A non-bank, a fintech, Joe's fintech, could have an account at the Fed where I'm

Joe Casali (15:20.206)
processing payments, sending out payments, receiving payments in a Fed account.

They may consider master accounts with no bank in the mix. No financial institution, no regulated organization in the middle of that. That's what spurred me to have this episode. And just as a note, I learned a lot from YouTube, which you may be watching this on right now. I went out to YouTube to say, hey, tell me about this executive order.

All I got with crypto firms and all I got was the president just legalized fintech accounts at the Fed. That seemed to skip a few steps, but needless to say, they're all excited about this. No harm, no foul, fintech firms just trying to be fair and protective. Okay, right now non-bank payment companies need a bank partner.

to access the Fed. In any payment system you look at, there is a financial institution in the mix, most likely on both ends. So on the send side, a financial institution is the final step connection to the operator, the Fed. And on the receive side, it goes through a bank, a credit union, a financial institution on the receive side. So they're the gatekeepers. They've done all the regulation, they've done all the examinations.

and they know that they're responsible if something goes wrong. They're responsible to make sure their fintechs are following all the requirements that the bank follows. But the bank's not a regulator, it's a company. They need each other. Fintech right now can't go straight to the Fed. So they need to have a relationship, they need to have agreements.

Joe Casali (17:23.118)
and contracts and policies, procedures, reviews, all of that. If the Fed opens itself to fintech accounts,

The dependency is gone. All the rules and the enforcement and the review that a financial institution would do, again, not an examiner, gone. Large fintechs root around the banks entirely. They wouldn't need a user bank to get to the system. Right now, for example, FedNow, if the biggest fintech company in the world wants to send the payment through FedNow, they need a financial institution.

how it works. It is a seismic shift. This is a big deal. not, you know, think of the little legs under the water with the ducks, swimming, swimming, lot going on. So I try to be fair. I used AI. This is not all Joe's opinion. I try to be fair. So I think we ended up with three or four scenarios of what could happen. So scenario one, complete failure.

Executive orders are not laws. They're not regulations. It's not the Federal Reserve Act. It's an executive order. It's a document from the president saying, this is what I want to happen. It directs agencies to do reviews, write letters, make suggestions, set timelines. The Fed, simultaneously, the next day the Fed sent out an RFI saying, hey, we already got your opinion on these what we call skinny accounts.

Fintech accounts, we had some questions after all the responses you gave us. Can you answer these questions as well? The Fed is still pursuing this. What happens sometimes with these executive orders? I said it was 60 days, 120 days. Sometimes those deadlines get skipped. Sometimes the report gets filed, but nothing happens with it after that.

Joe Casali (19:35.351)
and nothing changes. Result, large fintechs get OCC charters anyway, leaving the partnership model. Small fintechs keep navigating 50 states of patchwork, and the CFPP non-bank supervision stays dead. And just for the note, recently the OCC has been issuing special charters to fintechs. There are several that already has received them. So they are...

complying with the OCC's version of regulation. The fragmentation gets worse, right? Because now you have banks and non-banks having bank charters and maybe these non-bank, bank chartered financial institutions get Fed accounts, maybe they don't. And the consumer in rural Montana, there's still no state license, there's still no federal examination and there's still

No regulatory backstop. That's scenario one, nothing. Scenario two, partial implementation. This is the most likely to occur according to my AI. 90 day agency's review happens. It's outdated guidance gets rescinded. So if there's some laws, and this happens a lot in the past year. The OCC had previously issued

should not be touching crypto. Do not ban crypto. Don't do it. They rescinded those. So all those don't ban crypto went away and now you can ban crypto. OCC will streamline its charter procedures. There were 14 applicants in 2025. Coinbase, Affirm, Revolut are all pursuing these OCC charters. Large fintechs get chartered, regulated and examined. Problem solved for them.

Right? So they said, we'll drink the Kool-Aid, we're in, we will be regulated. And they follow the rules, consumers get protected, processes happen. Small fintechs. happens to Joe's fintech? I started it last week or next week, whenever I started it. They're still going to be navigating 50 states' words of licensing, all different ways that you have to be registered in all the states.

Joe Casali (21:59.855)
report, the executive audit report, section four, all the reports get done and they sit in bureaucratic purgatory. Consumers, mixed results, right? So maybe they're getting large charted fintechs with more protection. States with outdated money service laws are still, they're still exposed to that and it's still the geography lottery. Scenario three, right?

Good story, the good path. OCC fast tracks charter pathway. Mid-sized companies, not just the giants, also can now get the OCC charter. The Fed establishes direct access framework for qualifying non-banks. They implement these accounts. The Genius Act stablecoin framework, coherent federal license tier forming. So if you know

The Genius Act, it said, hey, states, you need to form all these rules for managing stablecoins. And if you don't, the Federal Reserve will probably do that. So there now becomes a federal stablecoin regulation. Again, lots of requirements. There is a structure for that. Consumers get a federal floor. New York or Montana, same baseline. There's the same floor. You can't fall below the floor. You'll still get some.

measure of protection.

Joe Casali (23:32.847)
Bank partnerships model evolves, right? Because now there is no longer that need, that demand to have a financial institution in the mix. It's going to affect the strategic infrastructure. There's going to be changes to that. scenario four, right? This is even better. This is full success. Tiered federal licensing framework for payment fintech. Small innovators get a sandbox with federal standards, right?

I'm small, so I'm going to get access to try out, how could this work with consumers? Let's stress test my solution. Mid-tier, we'll get a streamlined federal payment charter. And systemically important now, we eliminated that word, but we're going to bring them back. They will be approaching regulatory exams, all the same things financial institutions look at. Right vision, hardest path.

it does require, just like the Federal Reserve Act, does require Congress to get involved. It's not going to be done with an executive order.

So does this mean for banks? For banks, more fintechs are coming to your door for partnerships. Reputational risk cudgel is off the table, right? If you've heard all the pushback on what's considered reputational risk, reputational risk can no longer be used as the only reason not to give a company a license and access to accounts. So that's off the table. Examination exposure for partners failure may not change. So again,

The financial institutions are going to be responsible for reviewing their fintechs. Are you following the rules? Do you have a BSA program? You have to have a BSA program that matches our BSA program. So even though there's no regulator, the activity will be monitored and the financial institutions most likely will upgrade, follow through, make sure that the fintechs are doing what they're supposed to be doing.

Joe Casali (25:43.157)
you are still in the regulated entity when things go wrong. So the financial institution is still regulated when something goes wrong. There's still a regulation. There's still FDIC insurance. There's still NCIA protections. Due diligence is going to be leveled on how much due diligence is needed. So for the big guys, lots. For fintechs, maybe little fintechs like me, maybe more, but low, not as much as the big guys.

For financial institutions and community banks, watch this report, Section 4, analysis. So it's going to come out 60 to 120 days from now. It's probably going to be pretty quiet, but it has a deadline and may come close to the deadline. If direct non-bank access to the rails becomes a reality, fintechs will not need you the way they need you today.

The question becomes what value do you bring? You are no longer the keys to the kingdom. And when you no longer are the only gateway to the rails, what happens then?

For fintechs, So, fintechs, the environment is genuinely more welcoming than it was a decade ago. But the charter wave is telling you something. Largest players are choosing into the regulated tent. They're saying, I want a bank charter. I want this special charter you created. So, is that some writing on the wall? They want to be examined. They want the charter. They want the master account. Betting on the gap, staying open,

is a losing bet according to my AI. I don't want to give anyone advice. Again, these are my opinions and my AI. Now for consumers, this affects your money, right? I don't know if we've had it happen in a while, but what happens when the fintech disappears overnight? You had money in the fintech. Where's your money, right?

Joe Casali (27:51.939)
This could be a payment app, it could be a digital wallet, it could be your buy now pay later account. Whether those products are examined or not is abstract. The difference between the floor of protection and none, right? So in the new model, you'd have some protection, but none in the current model, perhaps.

Joe Casali (28:15.318)
right now in the country that the floor doesn't exist. it is, you know, I guess it is a good thing to, why don't we start talking about this?

That's the cage match. The executive order rang the bell, bing, bing, bing. Whether anyone wins or loses, it depends on the execution, it depends on the politics, it depends on any congressional action, it depends on the Federal Reserve. What do they do? Will they be bold? Will they be not? I will be keeping track at it. I'm sure I'll have another episode. Until a fintech collapses, funds are inaccessible.

Everyone asks how nobody was watching. How could this happen? How did we not know it was going to happen?

What are we doing about it? What are we protecting? How are we protecting them? Those are the big questions that I always think about. We're going to watch. That's it for this episode of Wrestling Payments. I'm Joe Casale, and if you stick around, there'll be an episode after the episode. Right before I send you off, I'm going to share another image. Just to think about, this is how I think about the landscape.

The AI did its own thing with that first image. I made it do my design in this second one. So here's what that looks like. And again, I'm going to put this in the notes, but on the one end, it's just no banks. get all the regulations and the examinations, the stuff holding it up. As we move along, large fintech, small fintechs, unregulated gap.

Joe Casali (30:07.07)
I'm with my new company next week is in this last little end, especially if I open up in Montana. you know, I showed this, you know Sean Carter, I showed this to Sean Carter. He raised a very good point, right? He said, why aren't there any potholes over in this first section? that's, know, failures happen sometimes in regular financial institutions, even if they have all of this examination. So it's not a perfect.

So I thought that was very good feedback. We're going to update. You might actually see the updated image if you download it. But that's it. Thank you very much. You should hear the ending out throw right now. And I'll be on the other side of the out throw.

Joe Casali (31:05.23)
So here's the thing, and this is what I think about as well, right? I like to think I'm strategic so I can understand all the concepts in that first topic, right? This executive order says do this, but I also dig deep, deep, deep, right? So as I'm digging deep, deep, deep,

Let's think of an actual payment example, right?

Thank you, actually. Thank you for being here. It's not the politics of the executive order for this. It's not the Washington process we're going to talk about. It's a rule question, right? And I can talk about safely four different payment systems because I know them. And all being discussed as direct access targets for non-bank fintech.

these new skinny accounts. These fintechs are chopping the bit because they want to get their own accounts so they can do transactions out of their own accounts. If you are a payment nerd like me, let's start with Fedwire. So Fedwire has regulations, has laws, it has state laws as well, right? UCC 4A is a state law that covers

credits. There are participants outlined in the models and the participants include sending banks, beneficiary banks. Fintech's not a bank.

Joe Casali (32:59.81)
Are they the sender? Can they be the sender and the sending bank? Who's going to cover the liabilities? UCC4A assigns liability all along the way. I don't remember if it's saying the FinTech takes liability. So what, what, what? What do you do there? What? How, how?

If the skinny counts go into effect in 150 days, right, because the administration says, just do it. Today is Friday. They just swore in the next Fed chair. So what if he says, we're doing it. Do it now. Go. What laws are they going to be following, right? FedNow, right? FedNow, new payment system, right? One of the newest. FedNow.

has operating procedures, it has operating circular eight, has some Reg J features in there. It also has sending banks, sending participants.

Not a fintech. It's not a fintech. It's a bank sending participant, sending financial institution, financial institution. There are, I don't even know if the third party's in the rules.

FedNow participation rules written for depository institutions only. And if I recall, one of the ideas was not only would these skinny accounts get a skinny account, they get FedNow access. Okay, but they can't do anything because they're not a financial institution. At least.

Joe Casali (34:58.194)
rules would have to be rewritten. And I think that's one of those domino things where someone says, let's rewrite the rules. Okay. we're going to have them do this. but they have to stand behind that and they should be examined. Are they examined? There's a lot there, right? The executive order, none of this is in there, right? None of it. None of this.

RTP, right? Let's talk about RTP as well. RTP, story. Financial institution, sending participant, receiving participant. In fact, they've gone recently, if you attend our training, they've have new frameworks in place to actually provide transparency when a third party is involved. So I can give you the example of MoneyGram, right? And MoneyGram gets involved and they are now

an on behalf of payment. Why are they on an on behalf of payment? Because when they're sending a payment through RTP, in this example, it's not their payment. It's my payment. It's Joe Schmo's payment. It's some consumer using them to send money. So all that has to be identified. That's the OBO model. There's a new IDS model coming out. Again, transparency. That one is a bank to bank transaction. That's where, if I understand it correctly,

a non-participating bank can send through a participating bank an RTP transaction. Guess who has to be identified? Every financial institution. There's no fintech in that mix. There's none. So they would have to update their rules. They would have to implement their rules. They can't implement their rules overnight. So still a lot there.

They do have settlement accounts. So there's the overlay. FedNow has a settlement account. RTP has a pooled settlement account. So I don't know if that's what they're thinking, that the magic, it's magic when those payments go through. ACH. So we did have unofficial responses from NACHA. Definitely not going to quote anyone, but they're not really interested in enforcing, hey, if you're getting a Fed account, you need to use ACH. They're like, okay.

Joe Casali (37:25.87)
It's not our business. You want to get a Fed account? Get a Fed account. We don't have a horse in that race. But what if some entrepreneurial Treasury person, executive department person says, well, they should get ACH. ACH is great. Everyone uses ACH. It's the best. We use it for Treasury. Can you please outline in the NACHA operating rules where a fintech carries a warranty?

because it ain't in there. It's not in there. We have originators, have ODFIs, we have the operator, then we have RDFIs, and then we have the receiver.

Fintech could be a receiver, Fintech could be an originator. Fintech could even be a third party sender, which I didn't say. But the warranties are the originating depository financial institution warranty, not the Fintech with a Fed account warranty. So what's that? How does that happen? How do they participate? It's interesting.

I know if I have it here. I have all my notes here. know, a payment is a payment because there's a warranty behind it. Because someone is, there's a law, there's a rule, there's a requirement that says, when I send a payment, I promise to pay it. I know it's right. I know it's authorized. If you have a problem, I will be responsible for that entry.

Joe Casali (39:06.614)
If you don't have the warranties, it's just some information on a screen, right? It's not a payment because if you're sending me a million dollar payment and you expect me to give my customer a million dollars that you promised to give me, but you could fail because you're not regulated and I don't know what you're doing and you don't ever agreed to abide by a warranty because it doesn't exist. Why would I give you them the money?

Seems, you know, not a lawyer, not the top brass anywhere, but seems to me that there is nothing supporting that payment in the rules, in a law.

Joe Casali (39:54.575)
The other thing that came out recently was the PACE Act. That was the idea of a skinny account. was non-bank, direct FedACHAccess. That's the one that had FedACHAccess. So you get a skinny account with FedACHAccess. Well, that's lovely. FedACHA. No, it's FedNow. I don't think it's FedACHA. I hope it's not FedACHA because they're not a participant.

They're not, I mean, some legislator could say, well, yeah, they'll just send it. Okay, but they're not in the rule book. There's no FinTech in the rule book. There's an originating depository, financial depository institution. So I don't know how that happens. Notch operating rooms have no participant category for this type of entity. Sorry, my notes. The D in ODFI is not

It's not a technicality. It's a real thing. Option one, fintech still originate under ODFI routing number. Now, you do need a routing number to use the ACH. We can use the ACH as an example here. You have an originating depository institution. The ODFI is going to be responsible for all those entries. It has no idea what they are because they're exchanging at the Fed.

didn't go through the ODFI, there wasn't any transparency for the ODFI, seems more risky, not less. There's no exposure limit for the FinTech. So option two, let's say the FinTech gets its own routing number, NACHA rewrites Article 1. Again, go back to the warranty. Who holds the warranty? There's no warranties, right?

The ODFI warranties are the ODFI warranties, hence the name. Option three, nobody figures this out before access goes live. Returns pile up. RDFI asks, who do I pursue for this debit return because they're rejecting all my debit returns. In fact, rules enforcement in the ACH is rules enforcement on an ODFI and rules enforcement on an RDFI. So if

Joe Casali (42:16.834)
someone let the fintech into the camp, gave them a routing number, allowed them to send entries, and they violate the rules. The rules have no teeth for this fintech because they're not the ODIFI. They're not the RDFI. Those are the only two parties that the NACHA can go after. So, challenge.

Again, I misaligned my speaking points. It's all about the warranties, right? So who is going to, not knowing what these fintechs are going to do, who allows the fintech to send entries? Who looks at the Terminator to Originator database and updates it if the Originator goes bad?

is the fintech. The fintech, it's not in the rule book right now. The good example here, and it is a good example, think, this is a big risk nightmare, right? So there was a recent story about Synapse Financial. What happened there? Synapse was a third party of fintech. They partnered with a financial institution to provide some sort of wallet. I only know the surface story. They provided some sort of wallet.

to customers. And if you understand how this sort of relationship works, Synapse would have the bank account, the account at a financial institution. And on the other side, they would provide wallets to all their customers and say, you have this amount and this amount and this amount, and all those amounts add up to the deposits in the bank account.

I don't want to get sued. Synapse couldn't do that. They could not reconcile the amount in the wallets against the amount in the bank account. Consumers got hurt, funds were inaccessible, bankruptcy court got involved, fintech offering services. A direct access model failure could be worse.

Joe Casali (44:44.04)
the banking as a service, there was a chartered bank somewhere that did their due diligence, probably maybe didn't do it well or believed it when sign up said, we got this. When it's direct access, there's no other party. No one's looking at them.

Five questions for the rules table for the after episode.

Question one, does not you need to consider a new participant category? Question two, who performs ODIFY equivalent due diligence on these fintechs? Question three, return and dispute resolution framework, how do returns work? Are they gonna work? I think I would throw the warranties in there, right? Who bears the risk of settling those transactions? Question four.

What happens when a direct access non-bank fails? Not that we're going to think negatively, but institutions fail. And question five, same question for a FedNow and RTP. How is going to change the rules? What's going to happen? Do they need to? Do they need to consider that?

Joe Casali (46:02.126)
Accessing new systems without rule infrastructure is not innovation. It's exposure. Payment systems are not just the plumbing. They're the trust architects. Every rule, every warranty, every participant has an obligation. The policy question is not whether non-bank firms belong in payments. They already are. The question is under what conditions?

they? What are the safeguards? What are the checks and balances and soundness and BSA and all of that stuff? The executive order, the PACE Act, the Fed payments account proposal, they sent out their own. It's just the opening bell. The rule work is the whole fight. How will the industry's to consider or not consider this? Right now,

We have not started training for it.

Again, thank you for joining my post episode. I'm Joe Casale. I will see you next time. There's going to be just silence when I leave. Thanks. If you want to be on the podcast and argue with me about any of these, I welcome you and I'm a great learner. So if you have a different viewpoint, let me know.