In BaaS, Partner Operations Become Issuer-Level Network Risk

Written By Steven Leitman

In BaaS, a partner’s ops can become an issuer-level network(scheme) compliance problem.

I was speaking recently with a large issuer and BIN sponsor about how network compliance is changing in BaaS. Most banks already know a single program can create outsized risk.

What’s changed is the scale and speed, because performance is increasingly assessed at the issuer level. Visa’s Issuer Monitoring Program (VIMP) makes that real for a lot of teams.

For example, in a BaaS model, fraud and disputes don’t stay contained; they roll up across the book. So one fintech’s operational gaps can affect every program under the same license.

The hard part isn’t agreeing on compliance. It’s the operational burden:
- getting every partner the latest requirements
- chasing status on who implemented what (and when)
- having evidence you can actually rely on

Trying to run that through email threads, shared folders, and periodic check-ins is starting to break. Those tools capture communication, not control.

One issuer put it in a way that finally landed with leadership: traditional issuing is one perimeter. BaaS is many moving perimeters tied to the same license.

BaaS will keep growing, and network expectations will keep tightening.

Steven Leitman

Steven Leitman is Managing Partner of Consulting Resource Group (CRG), a payments consulting and platform firm that helps issuers, acquirers, and BIN sponsors improve profitability through network (scheme) fee optimization, interchange economics, and disciplined cost governance. CRG's Payment Economics practice (CardTraq) includes a suite of platforms designed to manage Visa and Mastercard network fees, interchange performance, and ongoing network rule changes. CRG works with some of the largest global issuers and acquirers.

His work focuses on the economics beneath card programs: Visa and Mastercard network (scheme) fees, pricing structures, interchange qualification, and the hidden cost drivers that materially impact P&L. A core theme is making network compliance measurable and continuous, with data structures, governance models, and platforms that provide ongoing visibility into compliance-driven cost, risk, and fee leakage rather than relying on one-off interpretation exercises.

Steven brings hands-on experience from senior roles at Visa, American Express, and Deloitte Strategy. He publishes regularly on LinkedIn on Visa and Mastercard fee changes, interchange reform, and network compliance.

https://www.linkedin.com/in/steven-leitman/
Previous

Illinois Interchange Ruling: No Swipe Fees on Taxes and Tips - What It Could Mean for Issers
Next

Agentic Commerce: Revenue, Risk, and Complexity Across the Payments Stack