As more small banks embrace Fintech partnerships - especially BaaS programs, they allow fintechs to operate under their regulatory umbrella. This means the bank’s charter, compliance obligations and risk appetite extend to the activities.
While these partnerships open doors for growth and innovation,they also expose the bank to new layers of risk. Therefore when a suspicious transaction occurs within a fintech partner’s ecosystem, the bank remains ultimately accountable for complying with regulations, including AML and BSA obligations.
When a transaction triggers a red flag in the bank’s monitoring system, a compliance officer steps in to investigate. Their goal is to determine whether the activity is genuinely suspicious or simply unusual. This involves asking a series of critical questions:
If the answers are unclear or raise additional concerns, the investigation deepens. At this point the compliance teams begin reviewing supporting evidence - invoices, contracts, ID documents, bank statements, and other records.
Once a case is reviewed, the officer may request more information, file a Suspicious Activity Report (SAR), or offboard the customer entirely.
This process can be labor-intensive and time-sensitive—especially for smaller banks managing multiple fintech partnerships with limited resources. That’s where Across helps. We support compliance teams through end-to-end support: real-time transaction monitoring, post-event investigations, and RFI coordination with fintech partners.
Here are just a few real-world examples where we helped our partners uncover deeper risks:
A wire transfer to a company (let’s call it WizeTech) initially appeared legitimate - it was backed by a contract and labeled as a SaaS fee. But once we investigated, inconsistencies quickly surfaced.
What seemed like poor documentation turned out to be a calculated effort to obscure financial activity.
A $3400,000 wire claimed to be a membership payment raised questions after the membership agreement listed a different recipient altogether. Our investigation flagged several issues:
With mounting inconsistencies and insufficient documentation, the customer was ultimately offboarded.
A $94,000 transaction from an online gaming company that initially looked routine was part of a larger suspicious pattern.
We initiated an RFI asking for business model clarity, gaming licenses, and beneficiary details—because in sectors like gaming, transparency is non-negotiable.
At Across, we don’t just flag anomalies, we help banks and credit unions understand them. Our platform combines real-time and post-event monitoring, to surface inconsistencies, manage investigations, and guide the bank’s team with actionable insights
As fintech partnerships grow in scale and complexity, so do compliance expectations. The federal regulators have made it clear - banks are accountable for all activities under their charter - even those delivered by third-party partners.
With Across, we give you the clarity, confidence, and control needed to protect your institution, your customers, and your charter.
Disclaimer: The cases shared in this blog are based on actual investigations, however, the details have been altered. These examples are intended for illustrative purposes only.
