Madison Obata

Associate Editor

Loyola University Chicago School of Law, JD 2026

As a result of Synapse, a banking as a service (BaaS) provider, declaring bankruptcy back in May 2024, millions of users were unable to access accounts for at least two weeks. Synapse was a startup that had contracts with 20 banks and 100 financial technology (fintech) companies. When the company filed for bankruptcy, it shut down its services to comply with banking laws to ensure that all customer deposits were accurate. Despite the word “banking” in BaaS and customers having credit or debit cards, Synapse is not like other banks. It is distinguishable, because it is not backed by the Federal Deposit Insurance Corporation (FDIC), like other traditional banks are. In the aftermath of the lock out, the FDIC has proposed a new rule to force banks partnered with fintech apps to strengthen record-keeping.

What was Synapse?

A fintech company that wanted to improve and automate the delivery of financial services. Fintech includes bank technology like Bitcoin or lending apps. As a fintech company, Synapse’s goal was to launch financial products, which included automated clearing house (ACH) transactions and debit card processing. Synapse partnered with other digital banking companies and FDIC-backed banks to bring in deposits. Essentially, Synapse served as a middleman between apps and banks. Several partnered companies were impacted and, during the shutdown of Synapse, there was about $85 million in Synapse’s customer savings that were missing.

The continuation of the fallout

After a failed acquisition, closed customer accounts, and a CEO that was already onto his next startup project, an emergency motion was filed to convert the bankruptcy riling to a liquidation filing. In July 2024 with accounts still frozen, several U.S. senators demanded in a letter that Synapse restore customers’ access to their money. At the time of the letter, the company still needed to reconcile and release a remaining $158.6 million to customers with $65 million to $95 million funds still missing.

New rules

The new proposed FDIC rule focuses on accounts opened by fintech companies or “nonbank companies” that are partnered with banks. Even though a company like Synapse could fail, it does not mean FDIC insurance will be triggered and “it depends” if a consumer’s money will be eligible for FDIC insurance coverage.

The new rule also defines the steps that companies must take to ensure accurate account records. The record keeping requirement applies if a bank uses a third party to maintain records, which is similar to the issue Synapse faced with the missing money and unreleased funds. The requirements do not only apply to fintech companies, but to brick-and-mortar banks as well. Even if a customer uses a fintech banking company, their money will most likely end up in a traditional bank and customers most likely do not know which banks have their money. The recording requirement will mean fintech companies and banks will have to keep track of customer identities and bank balances.

If the proposed rule is enacted, internal banking compliance procedures would include accurate account balances and daily reconciliations to help protect customers in the future.

Next steps

The collapse and fallout of Synapse proves vulnerabilities within the fintech sector, particularly concerning customer protection and regulatory oversight. Synapse’s bankruptcy left millions unable to access their accounts and exposed gaps in recordkeeping. The proposed FDIC rule is a crucial step toward reinforcing the security of customer deposits. If there are better recordkeeping standards for both fintech companies and banks, there are clear rules for identifying and safeguarding funds. For consumers, the new regulations would help clarify which bank holds their money and ensure that there are daily reconciliations, which offers more transparency and protection.

Even though there is a way forward, like Jonathan McKernan, the Director of the FDIC Board of Director, pointed out in his statement, there are still a number of questions. For example, with these new proposed rules, will there be too much burden place on consumers? Will there be new security and privacy vulnerabilities with proposed rules? Is there a more direct way to achieve the goals of the proposed rules?

Although these questions go unanswered for now, this response proves that there is a need for stringent regulations as fintech continues to expand its role in the financial services industry. These proposed rules should not be the responsibility of the consumer, especially when it comes to consumers’ money and savings. However, in this modern world, banks should hold most of the responsibility because banks will have the means to protect itself and consumers from privacy attacks.