The Rise of Embedded Finance 2.0
In a bold move reflecting a broader industry trend, accounting software giant Xero recently acquired Melio for a staggering US $2.5 billion. The aim? To integrate Melio’s bill-pay infrastructure directly into Xero’s cloud-based ledger, signaling a major shift in the payments landscape. Rather than traditional banks or digital-first neobanks leading the next wave of payment innovation, it’s now software providers—once far removed from financial services—taking center stage.
This evolution, dubbed Embedded Finance 2.0, represents a paradigm shift. Platforms like Toast, originally a provider of point-of-sale systems for restaurants, now offer working capital loans to over 100,000 establishments through Toast Capital. Similarly, Shopify enables merchants to process card payments, manage funds through Shopify Balance, borrow against receivables, and potentially even hold deposits if regulators approve such a move in Canada.
The strategy is clear: leverage the constant stream of user data flowing through these platforms to offer real-time financial services. Instead of assessing last quarter’s financials, these platforms can anticipate a merchant’s next-day revenue, enabling near-instant credit decisions. Analysts estimate the embedded finance market will soar to US $146 billion in 2026, with projections hitting US $690 billion by 2030.
Regulatory Challenges Loom
However, this rapid expansion isn’t without hurdles. Most SaaS platforms offering banking-like services do not possess bank charters. Instead, they partner with community banks like Evolve, Cross River, or Sutton. While this arrangement sufficed when the goal was limited to earning interchange fees, it appears insufficient now that these platforms handle payroll, taxes, and significant cash reserves.
Recent failures, such as the Synapse collapse that left customers stranded without access to their funds, have caught regulators’ attention. U.S. agencies like the FDIC have issued consent orders to sponsoring banks, requiring them to maintain real-time oversight of fintech partners, enhance anti-money laundering protocols, and ensure board-level accountability. In some cases, regulators are even conducting on-site inspections of fintech offices.
One proposed rule would mandate sponsor banks to track end-user balances at the individual account level—an operational challenge that could render current BaaS (Banking-as-a-Service) models economically unviable. The increased compliance burden may push platforms toward acquiring money-transmitter licenses or pursuing full national bank charters, both significantly more demanding undertakings.
Globally, similar scrutiny is unfolding. The UK’s Prudential Regulation Authority is evaluating BaaS models, and Australia’s APRA remains firm on not easing banking regulations for tech companies. Whether in London, Washington, or Canberra, the consensus is clear: regulatory crackdown is not just a possibility—it’s already happening.
Navigating the Tightrope
So how can SaaS companies pursue embedded finance without falling afoul of regulators? Some well-capitalized firms are moving toward acquiring full bank charters. For example, Intuit already operates under an OCC-approved industrial loan company license, while Shopify is rumored to be exploring a Canadian Schedule I bank charter to access central bank rails directly.
Owning a charter eliminates dependency on partner banks, allowing direct access to clearing systems like FedNow or SEPA Instant. It also converts holidays and settlement times into manageable metrics. But it brings new challenges: capital adequacy ratios, stress testing, and regulatory scrutiny that can rival traditional banks.
Mid-sized platforms are diversifying their sponsor relationships to mitigate risk. Stripe, for instance, works with multiple partner banks globally, while Adyen strategically splits user deposits between its European and U.S. entities to avoid cross-border complications. This approach provides a buffer against sponsor bank failures but adds significant complexity to backend systems.
Meanwhile, a new cadre of BaaS providers—like Unit, Treasury Prime, and Griffin—are positioning compliance as their core offering. Their platforms offer built-in KYC, real-time ledger tracking, and FDIC-compliant dashboards. These tools relieve SaaS companies of some regulatory burdens, provided the BaaS providers stay ahead of evolving compliance standards.
Potential Impacts on Innovation
Ironically, increased oversight may reinforce the position of traditional banks, the very institutions fintech aimed to disrupt. Community banks, already operating on thin margins in these partnerships, may exit the BaaS space altogether, leaving only large banks capable of absorbing the compliance costs. Additionally, policymakers are reportedly considering deposit-rate caps to prevent “shadow banks” from luring customers with higher yields, potentially stifling innovation at a time when businesses need affordable credit options the most.
Despite these risks, investors remain cautiously optimistic. While the venture capital sector still bears the scars of past BaaS failures, the potential for deposit and lending revenue is too substantial to ignore. Boards are now faced with a pivotal decision: invest heavily in compliance infrastructure or retreat to a safer, subscription-only model.
The Road Ahead
If Embedded Finance 1.0 was about adding a “Pay” button, version 2.0 is about becoming a full-fledged balance sheet. Winning platforms will be those that view compliance not as a hindrance but as a strategic asset. That means real-time ledgers that regulators can audit with a simple API call, seamless integration with instant settlement systems, and transparent credit models that earn supervisory trust before shareholder applause.
Where SaaS founders once bragged about daily active users, tomorrow’s leaders may tout their Liquidity Coverage Ratios. Although expensive and complex, the regulatory embrace may be inevitable. If embedded finance grows large enough to pose systemic risks, oversight must follow the money—directly into the platforms where it moves.
The name on your business debit card may soon be Shopify, Toast, or Xero. But the compliance engine beneath it must think like JPMorgan: careful, conservative, and fully in tune with regulatory demands. The next phase of embedded finance won’t be won by the fastest to launch features, but by those who can manage risk so well that regulators become allies instead of obstacles.
This article is inspired by content from Forbes. It has been rephrased for originality. Images are credited to the original source.