Digital Transformation

Hot Topic

Industry Domain

Banking & Insurance Strategic Trends (2026–2028)

By Gaurav Agarwaal

Published March 12, 2026

4.6K |

0:00 0:00

PART 1/2 — Banking &amp; Insurance Strategic Trends (2026–2028) The definitive shift: from processing money to executing intent—with provable trust For years, banks and insurers could treat change like a queue: modernize the core, digitize the channel, add controls, repeat. The system assumed time—time to plan, time to roll out, time to catch up. That assumption is gone. From 2026 to 2028, BFSI is being pulled into a new operating reality where volatility is continuous, money is programmable, distribution is intermediated by platforms and AI agents, and regulators expect outcome-proof—not policy statements. In that world, the winners won’t be the institutions with the most transformation projects. They’ll be the ones that become governed execution engines. Here’s the story that connects everything: Macro turbulence turns balance sheets into moving targets: tariffs, fragmentation, and rate ambiguity force continuous portfolio action—not annual cycles. To respond at that speed, institutions shift to the agentic enterprise: not AI that suggests, but AI that executes within auditable boundaries. Once execution becomes software, money becomes software too: real-time rails, stablecoins, tokenization, and programmable settlement start pulling profit pools into new layers. At the same time, the buyer changes: not just younger customers and wealth transfer—agents and embedded platforms increasingly originate the transaction, rewriting discovery, distribution, and loyalty. Speed + new rails + new intermediaries expands the blast radius—so resilience becomes the product: fraud industrializes, deepfakes scale, non-human identities explode, and regulators enforce effectiveness. That forces a rebuild of the hidden foundations—invisible infrastructure—because you can’t govern agents or prove decisions without semantics, observability, and modernized cores designed for change. And the end-state isn’t just faster banking and insurance—it’s different business models: prevention over payout, living benefits over death-only, platforms over products, sustainability and protection gaps reshaping risk and capital. One sentence to anchor the entire article: BFSI is shifting from institutions that process transactions to institutions that execute intent—at machine speed—with audit-grade trust—across programmable rails—under permanent volatility. META FORCE I — MACRO TURBULENCE (2026–2028) Trend #1: Tariff-Driven Credit Stress &amp; Portfolio Recalibration Tariffs don’t just raise costs—they re-route cashflows. They reshape suppliers, corridors, inventory positions, and working-capital cycles—often faster than financial statements can reveal. In 2026–2028, tariff risk stops behaving like a “macro factor” and starts behaving like a supply-chain system shock that hits credit quality through liquidity strain first, not defaults first. (Bank for International Settlements) Article content The shift is from sector-level stress views to corridor + counterparty + cash-conversion intelligence. For years, institutions treated tariffs as a scenario overlay: adjust assumptions, run a quarterly stress, tighten underwriting. That approach is structurally late in a world of elevated trade-policy uncertainty and rapid trade rearrangement. The new winners instrument portfolios around where stress emerges earliest—invoice friction, DSO creep, inventory cash traps, supplier fragility—and they act while they still have options: reprice, restructure, and redeploy capital into the new corridor map. (World Trade Organization) Three forces converge here: Trade policy uncertainty is now a persistent operating condition Global institutions are explicitly warning that tariff increases and uncertainty are not “one-off headlines”—their impact compounds over time, changing investment, sourcing, and trade volumes. (World Trade Organization) The first damage shows up as working-capital stress, not immediate credit events Tariffs tie up cash in inventory, compress margins, and increase volatility in receivables/payables cycles—creating liquidity strain that precedes rating migration and covenant breaches. (KPMG) Disruption creates a short revenue window for banks that can move fast As corporates reconfigure supply chains, they need liquidity tools, trade finance modernization, and corridor-specific risk solutions—turning turbulence into a moment to win SCF/trade finance share if risk and product move together. (McKinsey &amp; Company) Business impact Lower loss severity: earlier intervention (repricing, covenant resets, restructures) before default momentum builds. Faster portfolio control: limits move from periodic review to trigger-driven action tied to corridor signals. Better concentration management: hidden correlated risk becomes visible (shared suppliers, shared corridors, shared import dependencies). Revenue upside: SCF/trade finance and treasury liquidity offers attach naturally to “rebuild the corridor” client moments. (KPMG) CXO CTAs Map tariff exposure borrower-by-borrower (not sector-by-sector): tie top exposures to corridors, supplier concentration, input categories, and pass-through ability. (Deloitte) Install trigger-based stress testing: DSO spikes, invoice dispute rates, freight lead-time jumps, inventory drawdowns → automatic review and action. (KPMG) Operationalize dynamic repricing with governance: pre-approved guardrails and escalation paths so repricing happens in weeks, not quarters. Stand up a cross-border exposure cockpit: corridor limits + legal constraints + concentration + early-warning signals in one control view. Turn it into a client offer: “Tariff Resilience” packaged as restructuring + liquidity + SCF/trade finance modernization with one accountable owner. Trend #2: Geopolitical Fragmentation, Sovereign Stacks &amp; Regulatory Divergence Geopolitics is no longer “context” for BFSI. It’s becoming architecture. As blocs harden and rules diverge, banks and insurers are being forced to operate like federations: different data rules, different AI obligations, different resilience regimes, different crypto frameworks—sometimes inside the same group. The strategic shift is from “global standardization” to sovereign-by-design execution: regional control planes, data/model residency, and policy-driven routing for decisions, payments, and risk. Article content The shift is from one global operating model to multi-sovereign execution with provable control. For decades, institutions optimized for scale: common platforms, shared data lakes, centralized models, and cross-border service centers. In 2026–2028, that creates friction and risk. Divergence is rising across AI governance and operational resilience (EU), digital assets regulation (EU), and cross-border data regimes—while the U.S. posture is increasingly skeptical of localization and sovereignty mandates. (See EU AI Act timeline and rollout commitments in EU digital strategy and reporting on “no pause” implementation in Reuters. Also see data-sovereignty pushback posture in Reuters.) Three forces converge here: Regulatory regimes are colliding—especially in Europe Europe is raising the compliance floor through a combination of resilience rules and digital-asset frameworks: Sovereign stacks become mandatory, not ideological Data sovereignty is increasingly treated as national security and systemic-risk policy. Fragmented cross-border data-transfer regimes are accelerating, forcing regulated firms to design for residency, lawful access constraints, and regional operations. (CIGI paper on cross-border data transfer regimes, plus current sovereignty debate coverage in the Financial Times) Legal + contract complexity explodes—at scale Fragmentation doesn’t only change compliance; it changes obligations: client contracts, vendor terms, outsourcing agreements, SLAs, data-processing addenda, model-use restrictions, recordkeeping, and audit rights. Institutions need “renegotiation at scale” capabilities, because multi-jurisdiction divergence turns contract management into a balance-sheet risk lever. Business impact Cost &amp; efficiency: duplicated controls, regional processing, and multi-cloud requirements raise cost unless you standardize how sovereignty is implemented (common patterns, reusable guardrails). Speed &amp; adaptability: transformation velocity depends on whether policy can be pushed into platforms (controls-as-code) instead of being re-litigated in every project. Risk &amp; resilience: the risk is no longer “non-compliance” alone—it’s operational breakage at borders: data flows, model routing, incident response, and vendor dependencies. Revenue opportunity: fragmentation is also stimulus—Europe is explicitly mobilizing large-scale defense and resilience investment, creating demand for financing, treasury services, risk transfer, and infrastructure underwriting. (See the EU’s ReArm Europe / Readiness 2030 mobilization framing. (European Commission)) CXO CTAs Create a “Sovereign-by-Design Reference Architecture”: define what must be regionalized (data, models, keys, logging, incident response) vs what can remain global (standards, patterns, telemetry schemas). Build regional AI and data control planes: policy-driven routing, residency enforcement, encryption key jurisdiction, and audit-grade observability—so you can prove where data/model execution occurred. Treat regulation as product constraints early: embed EU AI Act/DORA/MiCA obligations into build pipelines (controls-as-code), not post-launch remediation. (DORA baseline: EIOPA; MiCA baseline: ESMA) Stand up “contract operations at scale”: AI-assisted contract discovery, obligation mapping, and renegotiation workflows for vendors/clients—linked to governance and risk tiering. Exploit the stimulus lanes: set explicit coverage/financing plays for defense, infrastructure, energy transition, and resilience programs—pair underwriting appetite with treasury + risk transfer. Trend #3: Margin Compression &amp; Revenue Model Disruption The next margin shock won’t look like a crisis. It will look like physics: funding costs normalize, rate tailwinds fade, competition raises deposit betas, and customers keep migrating to lower-friction wallets and embedded rails. Net interest income becomes harder to grow on autopilot—so institutions either build durable noninterest engines, or they slowly shrink into utility economics. Recent bank results and outlooks already show the pattern: net interest margins compress while fee and wealth income become the stabilizer (see examples in Reuters on OCBC and Reuters on UOB). The strategic question for 2026–2028 is blunt: what is your revenue mix when spread income is no longer the hero? (Context on NII outlook: Deloitte Banking Outlook) Article content The shift is from spread-driven growth to portfolio + platform monetization—with a live threat to card economics. For decades, NII was the dependable engine and noninterest income was “nice-to-have.” In 2026–2028, that flips. Institutions need multiple fee and platform profit pools that can scale without breaking trust: financial media networks, treasury platforms, BaaS/open finance ecosystems, and data-driven offers—all operated like real businesses, not innovation theatre. Three forces converge here: NII tailwinds are fading; margin becomes contested Even in strong-profit periods, NIM pressure shows up quickly once rates and funding dynamics shift (see sector commentary and profit mix discussions in the Financial Times and 2026 outlook framing from Moody’s). Noninterest revenue is becoming the “second engine,” not the sidecar FMNs are the clearest signal: banks are monetizing first-party spend data through offers and transaction-based marketing (e.g., scale and offers performance highlighted by Chase Media Solutions and launch context in Reuters). Consumer lending faces policy risk—especially credit cards Rate-cap pressure is no longer theoretical. Industry and policy discourse is explicitly engaging a 10% cap concept (see ABA rate-cap research and legal/regulatory discussion of the proposal in Consumer Finance Monitor). Whether or not a cap passes, it forces institutions to model alternative fee architectures, underwriting shifts, and product redesign. Business impact Cost &amp; efficiency: margin pressure makes cost-to-serve unforgiving—forces a journey-level economics view (ties directly to AI FinOps later). Speed &amp; adaptability: revenue diversification requires faster product iteration, partner onboarding, and pricing experiments—without control failures. Risk &amp; resilience: new revenue lines introduce new risks: marketing compliance, consent/provenance, partner risk, model risk, and data-use governance. Revenue &amp; differentiation: institutions that build repeatable monetization systems (offers, treasury platforms, embedded distribution) outgrow those stuck in spread dependence. CXO CTAs Set a revenue-mix target now: define a 2028 ambition for noninterest income by line (wealth fees, payments/treasury, FMN/offer income, platform/API income) and track it quarterly like a capital ratio. Treat FMN as a business, not a slide: assign a true P&amp;L owner; hire retail media talent; establish advertiser-grade measurement and privacy-by-design (baseline capability examples: Chase Media Solutions). Industrialize BaaS/Open Finance with partner risk governance first: clear role accountability, SLAs, monitoring, and auditability—don’t scale distribution without controls (risk framing: Wolters Kluwer on BaaS risk). Pre-model a credit-card rate-cap playbook: redesign unit economics (fees, rewards, risk-based offers), adjust underwriting and line management, and build customer-safe alternatives before policy forces a scramble (policy context: ABA, Consumer Finance Monitor). Make “new revenue” operational, not aspirational: every revenue bet must have a distinct operating model—sales motion, controls, data permissions, and metrics. META FORCE II — THE AGENTIC ENTERPRISE (2026–2028) Trend #4: Agentic AI at Enterprise Scale The next operating model won’t be “digital + AI.” It will be agentic execution. Banks and insurers are moving from systems that recommend to systems that act—resolving disputes, reconciling ledgers, servicing customers, triaging claims, and progressing collections with bounded autonomy. That shift is not a productivity tweak; it’s a redesign of how work gets done, how decisions are governed, and how accountability is proven. McKinsey’s framing is blunt: AI pioneers can open up to a ~4 percentage-point ROTE gap versus slow movers—because execution capacity becomes a cash-flow advantage before it gets competed away. (McKinsey — Agentic AI will shake up banking) Article content The shift is from human-completed workflows to machine-executed workflows with audit-grade escalation. Most institutions are still shipping “copilots” that draft text and summarize cases. That’s useful—but it doesn’t change throughput. The step-change happens when agents can orchestrate multi-step work across systems (with guardrails), while humans intervene only at defined thresholds. Three forces converge here: Volatility demands execution speed, not just insight Macro turbulence, fraud pressure, and customer expectations create exception volume that humans can’t clear fast enough. Agentic systems compress cycle time by moving routine steps from queues into automation—with deterministic controls. Governance is shifting from policy to runtime control The moment an agent takes consequential action, “we have a policy” stops mattering. You need who/what/why traces, permission manifests, reversibility horizons, and escalation design that stands up in audit. Gartner is already warning that agentic AI without oversight is a risk pattern, not a capability. (Gartner — Agentic AI…risk without oversight) The ROI narrative is tightening Boards are done funding demos. Even industry observers note the transparency gap on realized ROI, and major outlooks cite how few banks publicly report realized returns from AI use cases—pushing a shift from “number of POCs” to “decisions and work units executed in production.” (Deloitte banking outlook referencing Evident, Evident AI Index (2025)) Business impact Lower cost-to-serve at the journey level: disputes, servicing, reconciliations, onboarding, and claims move from labor-cost curves to managed execution economics. Faster operating cadence: cycle times compress; exception backlogs shrink; change ships as agent “skills” rather than UI/process rewrites. New risk surface: prompt/tool injection, runaway automation, and opaque decisions shift risk from perimeter security to runtime governance. Organizational redesign: “junior bankers/adjusters managing agent squads” becomes a real operating model—supervising throughput, quality, and escalations rather than doing every step. CXO CTAs Pick the first 5 end-to-end agent workflows (not 50 copilots): disputes, claims triage, reconciliation, collections, and servicing are the highest-leverage candidates because they’re exception-heavy and measurable. Define human-in-the-loop thresholds like credit policy: what can be assistive vs decisioning vs autonomous; what triggers escalation; who is the named authority at the boundary. Build agent observability as a product requirement: every action needs a trace (inputs, tools used, constraints applied, decision rationale, outputs, reversals). Treat it as audit infrastructure, not logging. Engineer “reversibility horizons”: design every agentic workflow with undo windows, rollback paths, and safe-fail defaults—especially in regulated actions. Change the board metric: track “AI decisions/work units executed per day in production” + reversal rate + escalation rate + unit cost per journey. META FORCE II — THE AGENTIC ENTERPRISE (2026–2028) Trend #5: The 10x Bank/Insurer &amp; AI Economics The breakthrough in 2026–2028 won’t be “better models.” It will be cheaper, safer execution at scale. As AI moves from drafting to doing, BFSI is discovering an uncomfortable truth: AI turns operating cost into a variable COGS problem. Tokens, orchestration, monitoring, context windows, and accelerator capacity become a controllable (or uncontrollable) economic system. The institutions that win won’t just deploy agents—they’ll run AI like a unit-economics business, journey by journey. McKinsey’s warning is clear: AI creates a widening performance gap—AI pioneers can increase ROTE by up to ~4 percentage points if they reinvest their lead into operating model reinvention rather than scattered experimentation. (McKinsey — Global Banking Annual Review 2025) Article content The shift is from “AI as capability” to AI as managed industrial economics. Most banks and insurers still measure AI as a project: model accuracy, POC success, feature shipping. That framing collapses in production. Once AI sits inside disputes, claims, onboarding, AML triage, collections, or service, leaders need to manage it like any other cost engine: cost per journey, latency SLOs, quality thresholds, and continuous optimization. Three forces converge here: Inference becomes the dominant cost model AI spend is no longer mostly infrastructure you amortize—it’s invocations you meter. This forces a new management discipline that connects engineering choices (context length, retrieval strategy, routing) to CFO outcomes (cost-to-serve per journey). The FinOps Foundation now explicitly treats this as a formal domain (“FinOps for AI”) because traditional cloud FinOps misses token-driven economics. (FinOps Foundation — FinOps for AI, FinOps for AI overview) Optimization is now a first-class competitive weapon Cost and performance hinge on engineering levers most boards never tracked: routing to the right model tier, caching, batching, quantization, and context management. NVIDIA’s guidance shows why: optimizing inference for long context and KV-cache efficiency is directly tied to throughput and cost at scale. (NVIDIA — Optimizing inference with KV cache, NVIDIA — Inference optimization techniques) Capacity governance becomes strategic Accelerators are not just a tech procurement line—they are a constrained production resource that must be governed like liquidity: allocation by value, priority lanes for regulated journeys, and placement decisions across hybrid footprints. Business impact Cost &amp; efficiency: the winners create a measurable drop in cost-to-serve by managing unit economics per journey (onboarding, dispute, claim, decision), not “AI spend in aggregate.” Speed &amp; adaptability: routing/tiering/caching lets teams ship new capabilities without cost explosions—innovation becomes repeatable, not heroic. Risk &amp; resilience: AI cost controls become control controls: predictable spend, predictable latency, auditable decision traces, fewer runaway agent loops. Revenue &amp; differentiation: cheaper execution enables new product shapes (mass-affluent advisory, prevention services, embedded distribution) because marginal cost per interaction falls. CXO CTAs Adopt “AI unit economics” as a board metric: cost per onboarding / dispute / claim / decision, with quality and latency SLOs (not just model benchmarks). Stand up AI FinOps as a joint CFO–CTO operating cadence: usage visibility, chargeback/showback, and optimization backlogs tied to business journeys. (FinOps Framework, FinOps Framework 2025 update) Implement model routing and tiering by risk + value: cheap models for low-risk steps, stronger models only when needed; explicitly define “regulated thresholds” for escalation. Engineer caching + context discipline as policy: KV cache strategy, RAG limits, and context windows become cost policy, not developer preference. (NVIDIA — KV cache optimization) Treat accelerator capacity like a governed pool: allocate by ROI and criticality; create priority lanes for fraud/AML/cyber and customer-critical moments. Trend #6: AI Underwriting, Claims &amp; Credit Revolution Underwriting, claims, and credit are becoming real-time decision systems, not periodic assessments. For decades, BFSI “decided” at moments: underwriting at issuance, credit at origination, claims after loss. In 2026–2028, that cadence breaks. With richer signals (cashflow, behavior, device, image/video, network risk) and agentic workflows, institutions shift from batch judgment to continuous, explainable decisioning—with provable traces that regulators and customers can challenge. This isn’t optional. Supervisors are explicitly flagging that lack of explainability creates prudential concerns and can impede compliance assessment. (Bank for International Settlements) Article content The shift is from document-based decisions to signal-based decisions with audit-grade “why.” The winners will redesign three engines—credit, underwriting, and claims—around the same principle: autonomy where safe, explanation always, escalation when consequential. Three forces converge here: Decisioning is moving from “point-in-time” to “continuous” Real-time data allows underwriting and credit models to adjust as behavior and exposure change—reducing adverse selection and catching deterioration earlier (especially in cashflow-linked lending and usage-based/IoT-linked coverage). Claims is becoming a triage-and-settlement pipeline, not a back office Computer vision and NLP are now mainstream patterns in claims automation—especially for auto and property triage—turning intake into a structured workflow that can fast-track low-risk claims and isolate fraud/complexity early. (EIS) Explainability is the price of autonomy The more AI moves toward decisioning, the more “because the model said so” becomes unacceptable. Regulators and MRM frameworks still expect governance, validation, and ongoing monitoring—even when models evolve. (Federal Reserve) Business impact Cost &amp; efficiency: straight-through processing expands (especially for low-severity, low-fraud claims), shrinking manual handling and rework. (EIS) Speed &amp; adaptability: underwriting and credit become faster to adjust when markets shift—limits, pricing, and appetite can move with signals, not quarters. Risk &amp; resilience: fraud detection improves through multi-signal scoring; bad risks are surfaced earlier; model decisions can be defended with traceability rather than intuition. (Bank for International Settlements) Revenue &amp; differentiation: better precision pricing + faster settlement becomes a growth lever (retention, NPS, and selective expansion into under-served segments). CXO CTAs Define “autonomy boundaries” for regulated decisioning: assistive vs decisioning vs autonomous; set escalation thresholds and named authorities (credit, claims, underwriting). Make explainability a product requirement, not a compliance afterthought: require counterfactual explanations, reason codes, and reproducible decision traces for every consequential outcome. (Bank for International Settlements) Re-architect claims as a triage factory: vision/NLP at intake, fraud scoring early, parametric fast-pay lanes where triggers are objective, and human adjusters focused on high-severity complexity. (EIS) Instrument model drift like operational risk: live monitoring, challenger models, and feedback loops from disputes, appeals, and reversals into governance. (Capgemini) Tie the business case to unit economics: cost per claim settled, cost per credit decision, time-to-quote, time-to-settlement, and reversal/appeal rates—manage them like P&amp;L levers. Trend #7: AI Governance, Controls-as-Code &amp; Risk Tiering AI governance is no longer a policy binder. It’s becoming runtime infrastructure. As AI shifts from “assist” to “decide” to “act,” BFSI is being pushed into a new standard: prove control continuously, not periodically. The EU’s AI Act is the clearest forcing function—rolling out obligations in phases (including general provisions and literacy, then general-purpose AI governance, then high-risk obligations) and pulling governance from compliance theatre into engineering reality. (European Commission — AI Act timeline, EU AI Act policy page) (AI Act Service Desk) Article content The shift is from model governance after the fact to controls embedded at build-time and enforced at run-time. Most institutions still govern AI like a project: a model review, a sign-off, an annual validation cycle. That collapses in agentic systems, where actions can be chained, tools can be invoked, and outcomes can be consequential in minutes. The winning pattern is risk tiering + controls-as-code: classify AI by what it can do, then enforce guardrails automatically across the SDLC and runtime—permissions, separation of duties, approvals, logging, traceability, and escalation thresholds. Three forces converge here: EU AI Act enforcement turns “good practice” into obligations The Commission’s official timeline shows progressive application through 2 August 2027, including earlier milestones around AI literacy/prohibitions and governance obligations for general-purpose AI. (European Commission — AI Act timeline) (AI Act Service Desk) At the same time, there’s active debate and policy motion around timing for “high-risk” rules (including proposals to delay aspects), which is exactly why leaders should architect for compliance-by-design rather than bet on dates. (Reuters — timeline reaffirmation, Reuters — proposed delay) (Reuters) Regulators are converging on governance, model risk, and explainability as systemic issues Supervisory bodies are explicitly pointing to governance and explainability weaknesses as risk accelerants—especially when AI influences credit and other consequential decisions. (BIS/FSI paper on explainability) (Bank for International Settlements) Agentic workflows turn “control gaps” into real losses and fines Once agents generate and execute business communications, decisions, and actions at scale, weak recordkeeping and inconsistent approvals become a multiplier. The control plane must be automated because manual governance cannot keep up with machine-speed operations. Business impact Cost &amp; efficiency: governance-as-code reduces rework and slows fewer releases—controls become reusable patterns, not bespoke compliance gates. Speed &amp; adaptability: risk tiering lets you scale safely: low-risk assistive use cases move fast; high-risk decisioning gets stronger constraints by default. Risk &amp; resilience: audit-grade traceability (“who/what/why”) becomes defensible evidence, not tribal knowledge—especially critical under EU AI Act and model risk expectations. (BIS/FSI) (Bank for International Settlements) Revenue &amp; differentiation: trust becomes a competitive advantage—institutions that can safely delegate more work to agents can serve more customers and partners with the same headcount base. CXO CTAs Adopt a 3-tier AI risk model and enforce it everywhere: assistive → decisioning → autonomous. Tie each tier to mandatory controls (approval gates, evidencing, reversibility, human escalation). Make controls-as-code non-negotiable: encode SoD, approvals, policy checks, and logging into pipelines and runtime—no “manual checklist” for systems that act at scale. Stand up an “AI Control Plane” with audit-grade traces: every consequential step must be reconstructable: inputs, context, tools invoked, constraints applied, outputs, and handoffs. Treat compliance deadlines as architecture deadlines: whether “high-risk” provisions land in 2026 or slide, the build effort is the same—design now so you don’t refactor under regulatory fire. (European Commission timeline, Reuters) (AI Act Service Desk) Redefine “done” for AI features: nothing ships without: risk tier label, control evidence, runtime observability, and a rollback/escalation design. META FORCE III — PROGRAMMABLE MONEY &amp; NEW REVENUE MODELS (2026–2028) Trend #8: Digital Assets, Stablecoins &amp; Institutional Crypto Digital assets are moving from “innovation perimeter” to regulated infrastructure. What changed is not ideology—it’s policy and plumbing. In the U.S., stablecoin regulation has been put on rails through the GENIUS Act (signed July 18, 2025), explicitly pulling stablecoin issuers into BSA/AML expectations and setting a federal framework for payment stablecoins. (White House fact sheet, Latham &amp; Watkins summary) At the same time, the “debanking” constraint was politically targeted via the Fair Banking executive order (signed Aug 7, 2025), including direction to remove “reputational risk” concepts from supervisory materials—reducing a major barrier that kept many banks from touching digital asset clients. (White House fact sheet, Sidley analysis) This is why 2026–2028 becomes the institutional phase: stablecoins for settlement, tokenized collateral patterns, and custody/market infrastructure moving inside regulated boundaries. Article content The shift is from crypto as an asset class to stablecoins + tokenization as new settlement and treasury primitives. Banks and insurers don’t win here by “having crypto.” They win by owning the rails: issuing/holding regulated stablecoins, routing value across networks, providing institutional custody, and using tokenization to compress settlement cycles and unlock liquidity. Three forces converge here: Stablecoins became a regulated category (U.S.) The GENIUS Act establishes a U.S. framework for payment stablecoins and explicitly subjects issuers to BSA obligations—shifting stablecoins from “regulatory ambiguity” into “regulated issuance and compliance.” (White House) Implementation details are now moving into the rulemaking and supervisory layer, with legal and regulatory communities tracking obligations, licensing, reserves, and timing. (Reuters Practical Law explainer) Bank participation barriers are being lowered The Fair Banking EO directly targets “reputational risk” as a basis for denial of services, changing the supervisory tone that previously chilled bank engagement with digital asset firms. (White House, DLA Piper analysis) Separately, regulators have signaled more explicit permissioning pathways for certain crypto activities (e.g., custody and stablecoin-related rails), reinforcing momentum. (Reuters on OCC clarification) State behavior is changing the narrative: Bitcoin as “reserve” optics The U.S. established a Strategic Bitcoin Reserve and a Digital Asset Stockpile via Executive Order 14233 (signed March 6, 2025). That doesn’t make Bitcoin “safe”—it makes digital assets strategic and politically durable as a policy area. (Federal Register, White House fact sheet) Business impact Cost &amp; efficiency: stablecoins and tokenized settlement can reduce friction in treasury, cross-border settlement, and reconciliation—especially where correspondent banking cost/latency is punitive. Speed &amp; adaptability: programmable money enables conditional settlement and new workflow designs (treasury automation, collateral mobility, instant payout patterns). Risk &amp; resilience: new risk stack: reserve governance, wallet/custody controls, sanctions screening at speed, smart contract/operational risk, and fraud vectors. GENIUS Act’s BSA emphasis makes compliance capabilities non-negotiable. (White House) Revenue &amp; differentiation: custody, issuance, liquidity, routing, tokenized collateral services, and institutional-grade compliance become monetizable platforms—not just products. CXO CTAs Decide your role in the stablecoin stack: issuer, distributor, custodian, or orchestrator. “Observer” is not a strategy once frameworks harden. (GENIUS Act fact sheet) Build stablecoin-grade compliance as a product capability: BSA/AML, sanctions, monitoring, travel-rule-like expectations, and auditability at transaction speed—engineered, not manual. Stand up a digital-asset treasury and risk policy: reserve management, liquidity stress, counterparty limits, operational controls, and incident playbooks. Treat custody as a control-plane problem: key management, segregation, recovery, and governance must be as strong as your core banking controls—because failures are existential, not reputational. Run scenario economics: stablecoin settlement and tokenized flows change fee pools; model what gets cannibalized and what scales. Trend #9: Tokenization of Real-World Assets &amp; Capital Markets Tokenization is no longer a lab experiment—it’s becoming market plumbing. The real signal isn’t another pilot. It’s central banks and market infrastructure providers moving tokenization toward collateral eligibility, settlement in central bank money, and regulated tokenization services—the three prerequisites for institutional scale. The BIS has framed tokenisation as a path to a “next-generation monetary and financial system,” built around tokenised platforms where central bank reserves, commercial bank money, and government bonds sit at the core. (BIS Annual Economic Report 2025 — tokenisation chapter) Article content The shift is from tokenized issuance to tokenized lifecycle + collateral mobility + settlement finality. Most institutions talk about “tokenized assets” as if the main value is fractional ownership. That’s not where the first institutional profit comes from. The early economic win is post-trade compression: faster settlement, fewer breaks, real-time collateral optimization, and programmable margining—if legal finality, dispute handling, and settlement in safe money are engineered. Three forces converge here: Collateral is the killer use case—because it unlocks liquidity Tokenization matters most when it improves collateral mobility and margin efficiency, not when it creates a new wrapper. DTCC has been explicit in pushing tokenized real-time collateral management and institutional-grade infrastructure patterns. (DTCC — tokenized real-time collateral platform announcement, DTCC Collateral AppChain) And central banks are starting to move from curiosity to eligibility: Reuters reported the ECB will permit banks to use tokenised assets as collateral from March 2026, and the Bank of England is open to accepting more tokenised assets as collateral. (Reuters — BoE open to tokenised collateral; ECB from March 2026) Wholesale settlement experimentation is becoming structured public-sector work The Eurosystem ran wholesale DLT exploratory work (May–Nov 2024) with 64 participants and 50+ trials, focused on settlement of DLT-based transactions in central bank money via interoperability approaches—exactly the “safe settlement asset” requirement institutions care about. (ECB — DLT exploratory work) Regulators are laying down the investor-protection and market-integrity rails IOSCO’s 2025 report makes the point plainly: tokenization may bring efficiency and programmability—but it also raises market integrity and investor protection implications that supervisors will expect firms to manage. (IOSCO — Tokenization of Financial Assets (Nov 2025)) At the infrastructure layer, DTCC received an SEC no-action letter enabling a service to accelerate tokenization of DTC-custodied assets—another signal that regulated market plumbing is moving. (DTCC — SEC no-action letter / tokenized DTC-custodied assets) Business impact Cost &amp; efficiency: fewer breaks, faster settlement, and improved collateral/margin operations—reducing manual reconciliation and trapped liquidity. (DTCC collateral platform) Speed &amp; adaptability: shorter settlement cycles and programmable workflows accelerate product innovation (repo, securities finance, structured products). Risk &amp; resilience: new operational risks appear: smart-contract logic errors, key management failures, disputed finality, and cross-platform interoperability. Supervisors will look for end-to-end control, not tech novelty. (IOSCO 2025) Revenue &amp; differentiation: custody, tokenization services, collateral optimization, issuance orchestration, and “tokenized post-trade” become fee pools—especially for institutions that can provide safe, compliant rails. CXO CTAs Stop treating tokenization as an issuance experiment—treat it as a post-trade redesign: pick 1–2 high-value flows (repo/collateral, fund units, private markets) and redesign the full lifecycle: issuance → transfer → servicing → margin → settlement → dispute handling. Make legal finality and dispute ops first-class: define how reversals, fails, and claims are handled—because institutional adoption dies in exceptions, not in demos. Anchor on “safe settlement asset” strategy: align tokenization roadmap to central bank money settlement pathways and regulated infrastructure participation where available. (BIS 2025, ECB DLT work) Build tokenized collateral capability before tokenized everything: collateral mobility is the fastest path to liquidity ROI and balance-sheet relevance. (DTCC Collateral AppChain) Treat tokenization controls like core controls: key management, segregation, recovery, audit trails, and operational resilience cannot be “phase two.” Trend #10: Real-Time, Cross-Border &amp; Programmable Payment Rails Payments are no longer a product line. They’re becoming competitive infrastructure. In 2026–2028, the winners won’t be the institutions with “faster payments” banners. They’ll be the ones that can route money across multiple rails (public and private), operate treasury 24×7, and embed conditional logic into settlement—while regulators simultaneously tighten the system toward trust-first (even if that means adding friction). India’s UPI scale alone signals what’s coming: RBI leadership has cited ~20B UPI transactions/month representing $280B+ value—a public-good rail operating at super-scale. (https://m.economictimes.com/news/economy/finance/india-makes-85-pc-of-digital-payment-through-upi-rbi-guv-malhotra/articleshow/124608197.cms) (The Economic Times) Article content The shift is from single-rail payments to multi-rail orchestration with programmable settlement. Three forces converge here: 24×7 money forces a 24×7 operating model Real-time rails don’t just change customer experience—they change liquidity management. Treasury can’t be “business hours” when settlement is always-on. Institutions must rebuild forecasting, limits, exception operations, and incident response for continuous movement. Cross-border becomes a routing problem, not a correspondent habit The future isn’t one “best” cross-border rail. It’s dynamic routing across options by cost, speed, FX, compliance, and failure modes. The ECB has publicly moved forward on connecting Europe’s TIPS with India’s UPI (and Nexus exploratory work), signaling an emerging template: regional instant payment systems linking for cheaper, faster corridors. ECB update: https://www.ecb.europa.eu/press/intro/news/html/ecb.mipnews251120.en.html (European Central Bank) Broader coverage: https://timesofindia.indiatimes.com/business/india-business/cross-border-payments-boost-india-eu-begin-phase-to-link-upi-with-tips-remittances-to-get-cheaper/articleshow/125488645.cms (The Times of India) Regulators are trading speed for safety (a reversal from frictionless-first) Fraud pressure is pushing supervisors toward calibrated safeguards. In India, RBI has proposed measures like lagged credits and additional authentication for vulnerable segments (e.g., senior citizens)—explicitly prioritizing trust and protection. Discussion paper coverage: https://www.business-standard.com/finance/news/rbi-proposes-a-discussion-paper-for-digital-payments-safeguards-126020601736_1.html (Business Standard) More detail on the safeguards direction: https://www.moneycontrol.com/news/business/personal-finance/rbi-to-up-safeguards-to-prevent-digital-payment-frauds-with-extra-protection-for-senior-citizens-13814930.html (Moneycontrol) Business impact Cost &amp; efficiency: multi-rail routing reduces “default” cross-border costs; fewer exceptions when ISO 20022 structured data is used as a reconciliation and compliance accelerator. Speed &amp; adaptability: programmable release logic (conditional settlement, escrow-like behavior) enables new product designs in B2B trade, marketplaces, insurance payouts, and treasury automation. Risk &amp; resilience: real-time rails compress the window for fraud detection and dispute handling; controls must move upstream (identity, risk scoring, step-up auth, hold-and-review patterns). Revenue &amp; differentiation: payments becomes a platform lever—treasury operating systems, corridor optimization, liquidity tools, and embedded distribution drive fee pools beyond MDR. CXO CTAs Stand up a 24×7 treasury operating model: real-time liquidity forecasting, automated limit management, and an always-on exception desk for high-value/high-risk flows. Build a “multi-rail router” capability: policy-driven routing by cost/speed/compliance; failover and observability as first-class design. Treat ISO 20022 as a data platform, not a format: standardize semantics so payments data becomes usable for fraud, compliance, and client insights. Productize programmable payments: conditional settlement, milestone-based release, and dispute-aware workflows (especially for B2B, marketplaces, and claims/payout use cases). Design for trust-first regulation: implement lagged-credit and step-up-auth patterns where risk warrants—don’t wait to be forced. (See RBI safeguards direction above.) (Business Standard) Trend #11: Big Tech, Neobank &amp; Platform Boundary Wars The boundary between “bank” and “platform” is being redrawn in real time. Big Tech isn’t trying to become a bank the way incumbents imagine. It’s doing something more dangerous: owning the customer moment, embedding finance inside commerce and devices, and letting regulated partners carry the balance sheet—until it makes sense to pull more of the stack in-house. Recent signals are explicit: Apple is expanding its payments footprint and re-wiring its banking partners (e.g., JPMorgan taking over Apple’s ~$20B card portfolio). (FT, Reuters on Apple Pay India talks) (Financial Times) Meanwhile, neobanks are moving the other direction: toward charters to control their destiny. Mercury publicly filed for an OCC national bank charter (Dec 2025). (Mercury, Payments Dive) (Mercury) Article content The shift is from “competition between institutions” to competition between stacks: who manufactures, who distributes, who orchestrates. Three forces converge here: Big Tech is building distribution leverage that banks can’t out-market Apple’s ecosystem strategy keeps expanding: payments expansion (reported Apple Pay India launch talks) and partner reconfiguration (JPMorgan–Apple card portfolio move). That’s not a payments feature—it’s channel power. (Reuters, FT) (Reuters) Amazon is also pushing deeper into credit infrastructure (e.g., Axio acquisition enabling direct lending license in India). (Reuters) (Reuters) Neobanks are trying to remove dependency risk by pursuing charters Charters reduce reliance on sponsor banks, improve control of unit economics, and harden brand trust. Mercury’s OCC charter application is a clean signal of this direction. (Mercury) (Mercury) Nubank has also pursued a U.S. national bank charter path (application reported Sept 2025; follow-on updates continue in 2026). (Reuters, Nu) (Reuters) “Who owns the customer” is becoming “who owns the orchestration” If commerce platforms and device ecosystems become the default origin point for transactions, banks risk being relegated to manufacturing + compliance utilities unless they develop their own distribution wedges (SME platforms, treasury OS, embedded partnerships they control) and orchestration capabilities. Business impact Cost &amp; efficiency: distribution shifts to platforms compress acquisition costs for platform owners—and raises them for banks that rely on traditional channels. Speed &amp; adaptability: partner-led models can scale fast, but amplify dependency risk (pricing power, data access, sudden program shifts). Risk &amp; resilience: concentration risk moves from loan books to platform relationships (single-partner exposure becomes systemic to fee lines). Revenue &amp; differentiation: the upside is real if banks choose where to play—issuer/underwriter, balance sheet + risk engine, or full-stack orchestrator in selected segments. CXO CTAs Declare your position in the stack (per segment): manufacturer vs distributor vs orchestrator—then design incentives, tech, and governance accordingly. Treat platform partnerships like large exposures: define concentration limits, contingency plans, data/consent rights, audit rights, and exit mechanics as rigorously as credit covenants. Build “bank-owned distribution wedges”: SME operating systems (treasury OS), vertical platforms, and embedded finance where you control the customer permissioning layer—not just the balance sheet. Design for portability: ensure products, risk models, and servicing flows can move across partners/rails without rewrites (or you will get priced). Measure the right thing: track profit per distributed customer, partner dependency ratio, and retention after partner-sourced acquisition—not vanity signups. Trend #12: Financial Media Networks (FMNs) &amp; Data Monetization Banks and insurers are discovering a new profit pool hiding in plain sight: first-party transaction reality. As advertising shifts into a privacy-first, measurement-driven era, the most valuable signal is no longer cookies—it’s verified spend and verified intent. That’s why FMNs are emerging as the next noninterest engine: they turn trusted financial distribution (apps, offers, merchant programs) into measurable commercial outcomes. JPMorgan’s Chase Media Solutions is the canonical proof point—operating at “retail media” scale inside a bank environment. (See Chase Media Solutions and third-party reporting on offer scale like SAS, Dec 2025.) Article content The shift is from “data as an asset” to data as a governed revenue product—with consent, measurement, and brand safety built-in. Most institutions still talk about “data monetization” like it’s a strategy slide. FMNs make it operational: merchants pay for outcomes (incremental spend, conversion, retention), and the bank gets a new revenue line without taking balance-sheet risk—if it can prove consent, purpose limitation, and clean measurement. Three forces converge here: Retail media-style economics are expanding in 2026 Retail media ad spend continues to outgrow other channels; 2026 growth expectations are explicitly strong in mainstream forecasts. (See EMARKETER retail media spending outlook for 2026.) FMNs are the BFSI adaptation of this same playbook—using bank-owned surfaces and transaction data. Banks uniquely own “verified outcomes,” not just clicks Chase explicitly positions its capability around transaction-based marketing with massive scale (e.g., annual card sales and offer-driven merchant spend). (See metrics on Chase Media Solutions and industry coverage like Adweek, May 2025.) That matters because advertisers increasingly demand closed-loop measurement—proof that marketing drove spend, not impressions. Privacy and consent are now the price of monetization In a cookieless / privacy-first world, first-party data collected with clear consent becomes the durable asset. (See consent framing from OneTrust and cookieless context from ecosystem players like Usercentrics.) For BFSI, this is existential: monetize without trust and you don’t just lose ad revenue—you risk the core relationship. Business impact Cost &amp; efficiency: noninterest income that scales without expanding risk-weighted assets; marketing revenue becomes an operating leverage lever. Speed &amp; adaptability: FMNs create a rapid iteration loop—offers can be tested, optimized, and measured quickly compared to traditional bank product cycles. Risk &amp; resilience: new risk categories emerge—consent governance, fair lending / UDAAP adjacency, discrimination-by-proxy, advertiser brand safety, and model-driven targeting controls. Revenue &amp; differentiation: institutions that build “trusted commerce media” can create a defensible moat: verified identity + verified spend + measured outcomes. CXO CTAs Decide what you’re monetizing—and what you never will: define bright lines for allowable targeting, sensitive categories, and prohibited uses (trust is the balance sheet). Use a published policy posture, not internal folklore. Stand up “consent + purpose” as product infrastructure: consent capture, revocation, purpose limitation, audit trails, retention rules—treat it like payments compliance. (Baseline patterns: OneTrust.) Build closed-loop measurement as the core SKU: outcomes (incremental spend, repeat rate, share shift) beat impressions. This is the FMN differentiator vs ad-tech middlemen. (Examples of positioning and scale: Chase Media Solutions, Adweek.) Operate it like a real business line: dedicated P&amp;L owner, retail-media sales talent, clear advertiser onboarding, and brand safety governance—not “a marketing project.” Pre-empt the backlash: embed fairness testing, proxy discrimination monitoring, and customer transparency into the design so monetization doesn’t become a reputational and regulatory event. Trend #13: Wealth Management Democratization &amp; AI-Powered Advisory Wealth is becoming a mass-market operating model problem. The demand is obvious: younger segments expect digital-first, low-friction advice; older segments need retirement income clarity; and the industry is trying to serve both while margins compress. What’s new in 2026–2028 is the mechanism: AI makes advice scalable, and policy is actively nudging broader access to alternatives—even as critics warn retail markets may be absorbing risks they don’t yet understand. A policy accelerant is explicit: the U.S. issued an Executive Order titled “Democratizing Access to Alternative Assets for 401(k) Investors” on Aug 7, 2025. (White House EO, KPMG regulatory alert) And the push is contested—Reuters has highlighted concerns about transparency, valuation, and cycle-tested risk as retail access expands. (Reuters — caution on democratizing private credit) Article content The shift is from high-touch advisory as a scarce resource to hybrid advice as a scalable platform—with alternatives and tokenized access expanding the “menu.” This trend isn’t “robo-advice 2.0.” It’s the convergence of three moves: AI advisors extend human coverage into the mass-affluent (planning, nudges, portfolio maintenance, tax behaviors). Fractional and tokenized wrappers expand access to products previously gated by ticket size and operational friction. Insurance-wealth convergence makes protection and investment one lifecycle platform, not separate channels—Manulife’s model (scale across both) is an instructive reference point. (Manulife investor fact sheet shows ~$1.7T AUMA as of Sep 30, 2025) Three forces converge here: AI makes advice “coverage-scalable” Robo/automated advisory continues to expand, with multiple market forecasts pointing to rapid growth through 2030 and beyond. (Grand View Research, Fortune Business Insights) The strategic point: the winning firms won’t replace advisors—they’ll make advisors supervise a larger “book” through AI-driven planning and service. Policy is opening the door to alternatives in retirement channels The 401(k) alternatives Executive Order is a clear directional signal that broadening access is now politically supported (with implementation debates underway). (White House EO, Investment Company Institute perspective) But the risk narrative is equally real: private credit and other alts raise liquidity, valuation, and disclosure challenges—especially in downturns. (Reuters) Tokenization and market plumbing can turn “access” into a real distribution channel Regulatory posture is evolving: the SEC recently allowed intraday trading for a tokenized money market fund via a special exemption—an important signal toward more flexible liquidity and “mutual-fund-like” tokenized access patterns. (Reuters — tokenized WisdomTree money market fund intraday trading) Separately, WEF has framed tokenization as a lever for improving access/efficiency in assets that are typically hard to access (real estate, private credit, PE). (WEF report) Business impact Cost &amp; efficiency: lower marginal cost to deliver planning, nudges, rebalancing, and education—reducing service load while improving coverage. (Grand View Research) Speed &amp; adaptability: hybrid models let firms re-segment quickly (mass-affluent, HNW, retirement income) without rebuilding the entire advisor model. Risk &amp; resilience: democratization without guardrails creates mis-selling, liquidity mismatch, and valuation opacity risk—especially if alternatives penetrate retirement channels aggressively. (Reuters) Revenue &amp; differentiation: scaled advice + retirement income platforms + product innovation (alts, tokenized wrappers, protected portfolios) expand fee pools—if trust is maintained. CXO CTAs Adopt a “hybrid coverage model” as strategy: define what AI handles (planning, nudges, service, portfolio maintenance) vs what humans own (complex advice, suitability edge cases, life events). Treat alternatives access as a risk-engineering problem first: liquidity gates, valuation governance, suitability logic, disclosure UX, and stress scenarios designed for real customer harm prevention—not just compliance. (White House EO, Reuters caution) Build a retirement income platform, not a product shelf: systematic drawdown planning, annuity integration, tax-aware strategies, and personalized guardrails. Design tokenized access carefully: focus on operational realities—settlement, custody, disclosure, and intraday liquidity/valuation policy—before expanding product breadth. (Reuters — tokenized money market intraday trading) Lean into insurance-wealth convergence: unify protection + investment journeys (especially in Asia) and design “protection wrappers” around wealth outcomes—this is how insurers with asset platforms scale. (Manulife fact sheet) Trend #14: Supply Chain &amp; Trade Finance Digitization Trade finance is being rebuilt because paper is now a competitive disadvantage. In a tariff-fragmented world, corporates are rerouting suppliers and corridors—and they need liquidity, guarantees, and risk coverage at the speed of disruption. But paper-based trade still creates multi-day friction: delays, fraud surface, manual checking, and trapped working capital. The shift in 2026–2028 is from “digitizing documents” to digitizing enforceability: electronic trade documents with legal recognition, interoperable standards, and automated processing that turns trade events into finance events. Article content The shift is from document handling to event-driven trade finance. Digitizing trade finance isn’t primarily a blockchain story. It’s a legal + standards + workflow story: eBLs and electronic transferable records only create real value when they are legally recognized, transferable, and accepted across counterparties and jurisdictions. Three forces converge here: Electronic Bills of Lading are becoming the unlock for paperless trade The International Trade Centre (ITC) has laid out how eBL adoption can materially improve speed, reduce costs, and tighten risk controls—but only when ecosystem adoption and legal frameworks align. (ITC — Expediting Trade Through Electronic Bills of Lading) (International Trade Centre) The ICC is also actively pushing the industry understanding and standardization narrative around eBL transformation. (ICC Academy — eBL paper) (ICC Academy) Legal reform is the bottleneck—and MLETR is the template Paperless trade stalls when an electronic record can’t substitute for a transferable paper instrument in court. The UNCITRAL Model Law on Electronic Transferable Records (MLETR) is repeatedly cited as the practical template for legal recognition of electronic transferable records (like bills of lading and warehouse receipts). (APEC paper on paperless trade + MLETR) (APEC) This is showing up as policy action in 2026: India’s draft push on electronic trade documents is being positioned as a comprehensive approach to trade digitization. (GTR review — India draft electronic trade documents bill) (GT Review) Standards and interoperability are becoming the strategic layer Digitization without interoperability creates “new paper”: siloed platforms and manual exception handling. ICC’s Digital Standards Initiative is explicitly aimed at harmonizing digital trade standards across stakeholders and geographies. (ICC DSI) (icc-dsi) Business impact Cost &amp; efficiency: faster document processing, fewer discrepancies, reduced manual checking, and less trapped working capital when trade events become machine-processable. (ITC eBL paper) (International Trade Centre) Speed &amp; adaptability: enables “tariff-driven corridor rewiring” financing—new supplier onboarding, dynamic discounting, faster issuance/negotiation cycles. Risk &amp; resilience: reduces document fraud and mismatch risks, but shifts focus to digital controls: identity, provenance, and platform interoperability failure modes. Revenue: SCF and trade platforms become a scalable fee engine when digitization moves beyond pilots into repeatable workflows—especially in reshoring and corridor diversification cycles. CXO CTAs Make legal enforceability part of the product roadmap: align your trade digitization program to MLETR-style recognition pathways in your key corridors; don’t build “digital documents” that can’t travel. (APEC paper) (APEC) Redesign trade ops around straight-through processing: treat document checking as an exception workflow; automate first pass and reserve humans for anomalies. Invest in interoperability, not just platforms: adopt harmonized standards and partner ecosystems so e-documents can move across carriers, banks, insurers, and customs. (ICC DSI) (icc-dsi) Turn digitization into a corridor play: bundle trade finance + SCF + FX + treasury solutions targeted at sectors actively restructuring supply chains due to tariffs. Measure it like a business: cycle time to issue/settle, discrepancy rate, manual touch rate, fraud loss rate, and incremental funded volume per corridor. Trend #15: Treasury-as-a-Service &amp; Corporate Liquidity Platforms The next corporate battleground is not “cash management.” It’s who becomes the corporate operating system for money. As payments move 24×7 and supply chains fragment, corporate treasurers are forced into continuous liquidity decisions. They need real-time visibility, automated cash concentration, API-integrated controls, and exception handling that works across multiple rails. This is why Treasury-as-a-Service (TaaS) is emerging: banks can either sell products (accounts, payments, FX), or they can sell a platform that runs liquidity, routing, and control as a managed service. Industry signals already point to this platform shift: the Financial Stability Board has highlighted vulnerabilities and structural shifts in the non-bank financial intermediation (NBFI) ecosystem that amplify liquidity and funding shocks—making corporate liquidity discipline more important and more continuous. (FSB annual report 2025, FSB NBFI vulnerabilities) (fsb.org) Article content The shift is from bank portals to bank-as-liquidity platform. TaaS isn’t about prettier dashboards. It’s about compressing the time between “cash position changed” and “action taken.” In a world of instant payments, stablecoins, and multi-rail routing, treasury becomes a real-time control loop: forecast → allocate → route → settle → reconcile → respond to exceptions. Three forces converge here: 24×7 rails create 24×7 liquidity risk Instant settlement increases the speed at which cash moves—and therefore the speed at which mistakes and fraud can deplete liquidity. Liquidity forecasting and limits can’t be end-of-day batch processes when settlement never sleeps. (This also aligns with the broader payments shift discussed under Trend #10.) ERP isn’t built to be the treasury execution layer ERP systems record and reconcile. They don’t natively optimize rail routing, execute conditional payments, or manage always-on exceptions across banks and corridors. This creates space for banks (and fintechs) to become the orchestrator layer. API economics and embedded treasury are becoming normal Corporate clients increasingly expect bank capabilities to be embedded inside their workflows—APIs, virtual accounts, automated sweeps, programmable controls. The Bank for International Settlements has repeatedly emphasized how faster payments and modern infrastructures change settlement patterns and liquidity management needs—driving new operational requirements. (BIS — fast payments &amp; FPS considerations) (bis.org) Business impact Cost &amp; efficiency: lower manual treasury operations, fewer reconciliations, reduced exception processing, less idle cash. Speed &amp; adaptability: real-time forecasts and automated actions reduce cycle times for liquidity decisions and improve responsiveness during shocks. Risk &amp; resilience: better controls reduce fraud and operational errors; continuous monitoring improves incident response. Revenue &amp; differentiation: new fee pools: liquidity platform subscriptions, premium routing, virtual accounts, cash pooling automation, embedded FX, and analytics-driven treasury advisory. CXO CTAs Offer “bank as treasury OS” for priority segments: virtual accounts, real-time cash positions, rule-based sweeps, programmable approval policies, and exception workflows as a managed service. Build 24×7 treasury operations and SLOs: define time-to-detect, time-to-act, exception resolution SLAs, and failover patterns like an SRE discipline. Integrate multi-rail routing into treasury, not just payments: route by cost/speed/compliance and add dynamic limits and fraud scoring upstream. Instrument “liquidity health” like credit health: forecasting accuracy, trapped-cash reduction, exception rate, and incident recoveries. Package the value proposition in CFO language: “reduce idle cash,” “reduce errors,” “reduce time-to-close,” “improve working capital,” not “API modernization.” META FORCE IV — THE NEW BUYER (2026–2028) Trend #16: The $124T Great Wealth Transfer &amp; Generational Shift The biggest distribution event in modern finance isn’t a new channel—it’s an inheritance. Over the next two decades, an estimated $124T will transfer through 2048, with roughly $105T–$106T expected to flow to heirs (and the rest largely to charity). (Cerulli Associates) That scale doesn’t just move assets. It moves decision power—toward cohorts who expect finance to behave like software: instant, transparent, and self-directed. And when expectations shift at the same time as wealth shifts, loyalty becomes conditional. Article content The shift is from relationship inheritance to relationship re-competition. Banks and insurers have historically assumed that wealth transfer preserves the primary relationship. In 2026–2028, that assumption breaks. Heirs don’t “receive” a provider—they re-evaluate one. And their bar isn’t brand heritage; it’s digital execution, personalization, and outcomes. Three forces converge here: The transfer is real—and it’s uneven Cerulli’s work highlights that the majority of transfer volume is concentrated in HNW/UHNW households, meaning the revenue impact will be disproportionately decided by how well institutions retain and re-win complex relationships at the point of transition. (Cerulli Associates) (Translation: a small number of families drive an outsized share of fees, balances, and referrals.) Digital preference is not “nice to have”—it’s selection criteria Survey reporting cites that millennials are the most likely generation to prefer banking digitally (Bankrate referencing ABA findings). (Bankrate) Separately, research reporting also shows ~80% of consumers prefer a full digital banking experience in an identity/verification context—another indicator that digital is becoming baseline, not differentiator. (Retail Banker International) The competitive moment is the life event Wealth transfer is a chain of life events: bereavement, probate, property transitions, tax planning, family governance, and reinvestment decisions. The institutions that win don’t just have products—they have life-event orchestration: detect intent, guide the next best action, and execute with minimal friction. Business impact Cost &amp; efficiency: digital-first servicing and advice reduces the marginal cost of engagement across large heir populations, while preserving human focus for high-complexity transitions. Speed &amp; adaptability: faster onboarding, beneficiary servicing, and transfer-of-assets workflows reduce leakage during the “decision window.” Risk &amp; resilience: inheritance moments increase fraud and scam exposure; identity verification and verified communications must tighten exactly when customers are vulnerable. Revenue &amp; differentiation: retention and expansion hinge on converting wealth transfer into multi-line relationships: deposits + investments + protection + lending + tax/estate support. CXO CTAs Build a “wealth transfer command playbook”: pre-built journeys for beneficiary onboarding, asset consolidation, trust/estate servicing, and protection re-evaluation—measured by time-to-completion and leakage rate. Instrument life-event detection: signals from account behavior, inbound communications, and document events should trigger proactive support (with human escalation). Modernize the inheritance experience end-to-end: the “death of paperwork” moment is a loyalty test; digitize identity, documentation, approvals, and disclosures without breaking controls. Make protection part of the transfer conversation: heirs don’t just need portfolios—they need risk coverage (life, health, property, liability) redesigned for their life stage. Redefine relationship KPIs: track assets retained post-transfer, time-to-consolidation, and cross-line penetration within 12 months of the triggering event. Trend #17: AI Agents as Commerce &amp; Transaction Originators The next distribution shock in BFSI won’t be a new app. It will be a new originator. In 2026–2028, a growing share of purchases—and the financing, payments, and protection attached to them—will be initiated by AI agents acting on human intent. Protocols are already forming the “agentic checkout” layer: Visa’s Trusted Agent Protocol (under Visa Intelligent Commerce), OpenAI + Stripe’s Agentic Commerce Protocol (ACP), and Google’s Universal Commerce Protocol (UCP)—all aimed at making commerce agent-callable and making agents trust-verifiable. (Visa Developer) Article content The shift is from customers choosing products to agents routing intent across markets—and BFSI becomes the execution layer behind that routing. This is where “The New Buyer” stops being demographics and becomes architecture. If an agent can compare offers, validate identity, choose a payment method, embed credit/insurance, and complete checkout inside a conversation, the institution that wins is the one whose products are: discoverable by agents callable via stable contracts approved under risk policy at runtime Three forces converge here: Agent-to-merchant protocols are becoming real infrastructure Visa’s Trusted Agent Protocol is explicitly designed to let agents pass credentials merchants can validate. (Visa Developer) Stripe + OpenAI describe ACP as an open standard enabling programmatic commerce flows between buyers, their agents, and businesses. (Stripe) Google’s UCP is positioned as the standard interface between an AI agent and a merchant backend, including checkout within Google AI Mode and Gemini. (Google for Developers) B2B buying is forecast to become agent-intermediated at massive scale Gartner’s published prediction is stark: by 2028, 90% of B2B buying will be AI agent intermediated, pushing $15T of B2B spend through AI agent exchanges. (Gartner) For BFSI, that means treasury, embedded lending, invoice financing, and corporate cards increasingly get selected by agent workflows—not by relationship meetings. Trust moves from “brand” to “verified agent identity + governed execution” Agents create a new fraud surface (agent impersonation, bot swarms, synthetic identities). The response is not marketing—it’s verification and policy enforcement: trusted agent registries/credentials, risk scoring, and step-up authentication integrated into the checkout flow. Visa’s TAP is an explicit trust move in this direction. (Visa Developer) Business impact Cost &amp; efficiency: lower acquisition friction as agents streamline discovery and onboarding—but only if your product and policy are machine-readable and automatable. Speed &amp; adaptability: distribution shifts upstream into agent interfaces; product changes must propagate as contracts/feeds, not brochure updates. Risk &amp; resilience: fraud and compliance pressure intensify because transactions compress into fewer steps; controls must move “left” into identity, eligibility, and runtime policy checks. Revenue &amp; differentiation: winners capture “attach” economics—credit at checkout, protection at checkout, FX at checkout, loyalty/benefits—because the agent optimizes bundles, not single products. CXO CTAs Make your offers agent-readable: publish structured product feeds, pricing, eligibility, and constraints so agents can evaluate you without humans interpreting PDFs. (ACP and UCP both emphasize standardized programmatic exchange.) (OpenAI Developers) Build an “agent-callable product surface”: quote, approve, pay, finance, insure—exposed as governed skills with stable inputs/outputs and explicit error semantics. Engineer trusted agent identity into risk controls: support verification patterns (e.g., TAP-like credentials) and treat “agent authenticity” as a first-class fraud signal. (Visa Developer) Redesign onboarding for machine-speed: KYC, consent, limits, and disclosures must be executable in-agent with audit trails—not back-and-forth workflows. Track a new distribution KPI: agent-originated volume and attach rate per intent (credit, protection, FX, loyalty), plus decline reasons (so you can tune policies without increasing risk). Trend #18: Embedded Finance 3.0, BaaS &amp; Open Finance Embedded finance is no longer a growth hack. It’s becoming a regulated distribution system. In 2026–2028, the winners won’t be the banks that “partner with fintechs.” They’ll be the banks that can manufacture trust at partner speed—embedding lending, treasury, and insurance into vertical platforms without creating a supervisory time bomb. Regulators have effectively made the rule clear: using third parties does not transfer accountability. (FDIC — Third-Party Relationships, Interagency statement on bank arrangements with third parties (Jul 2024)) Article content The shift is from embedded finance experiments to embedded finance operating systems. Embedded Finance 1.0 was payments. 2.0 was “BaaS everywhere.” 3.0 is what happens after the hangover: tighter oversight, clearer contractual obligations, higher expectations for monitoring, and a pivot toward open finance primitives—consent, purpose limitation, revocation, and traceable data sharing. Three forces converge here: Regulators turned BaaS into a third-party risk exam topic, not an innovation story U.S. agencies published a joint statement in July 2024 highlighting risks and risk-management practices for bank arrangements delivering deposit products/services via third parties—essentially codifying the supervisory lens. (FDIC — Interagency statement) And the market got the message: multiple BaaS banks were hit with consent orders in 2024, frequently tied to weak due diligence and monitoring of fintech partners. (Banking Dive — running list of BaaS consent orders) “Open finance” is diverging by jurisdiction—creating strategic architecture choices In the UK, regulators continue to build the long-term open banking framework and emphasize consented data sharing with security and consumer protection. (FCA — Open banking and the FCA, UK gov: FCA/PSR joint response on payments regulation (Dec 2025)) In the U.S., by contrast, the CFPB “open banking” rule was temporarily blocked by a federal judge, and is expected to be revisited under new leadership—injecting uncertainty into timeline and obligations. (Reuters — US judge blocks CFPB open banking rule (Oct 29, 2025)) The “new buyer” increasingly sits inside a vertical platform—so governance must move upstream When lending, payouts, wallet balances, insurance offers, or treasury functions are embedded into a SaaS or marketplace, the customer experience is controlled by the platform. That means your risk controls must be API-native: eligibility, limits, dispute handling, disclosures, complaints, and monitoring can’t rely on branch-era processes. Business impact Cost &amp; efficiency: embedded distribution can lower acquisition costs—but only if onboarding, KYC/consent, and monitoring are standardized and automated. Speed &amp; adaptability: partner channels can scale quickly; institutions with strong “partner operations” win time-to-market without taking unmanaged risk. Risk &amp; resilience: weak partner governance becomes a direct path to consent orders, customer harm, and fraud escalation. (Banking Dive) Revenue &amp; differentiation: the durable upside is open finance + embedded finance together—permissioned data sharing that enables better underwriting, personalized offers, embedded protection, and treasury tools. CXO CTAs Treat embedded finance like a line of business, not a partnership: create a dedicated “Partner Risk &amp; Operations” capability with clear accountability, SLAs, monitoring, and audit evidence. (Regulators emphasize bank accountability even with third parties: FDIC) Standardize partner onboarding as a governed pipeline: due diligence, contract controls, complaint handling, dispute workflows, marketing approvals, and ongoing performance monitoring as reusable patterns—not bespoke deals. (Interagency statement) Build open finance primitives now: consent capture, purpose limitation, revocation, and data provenance—because the commercial future of embedded distribution depends on trusted data flows. (UK direction: FCA) Design for regulatory divergence: architect routing and controls so you can run open finance obligations differently by region (UK/EU momentum vs US uncertainty). (Reuters — CFPB rule blocked) Measure the right risk KPIs: partner-driven complaint rates, unauthorized transaction rates, dispute SLA adherence, fraud loss per partner, and “time-to-contain” incidents—these will matter more than partner GMV. What you’ll see in Part 2 (the consequences + the rebuild): Deposit displacement: BNPL + wallets + platform checkout shifting the “spend moment” away from banks Insurance at the point of intent: embedded, on-demand, and parametric products becoming mainstream The prevention fee economy: insurers monetizing “predict-and-prevent,” not just payout-after-loss Fraud at industrial scale: scams, deepfakes, mule networks, and synthetic identities driving outcome-based enforcement Trust becomes cryptographic: provenance and post-quantum urgency moving from roadmap to execution Identity becomes the perimeter: non-human identity governance and agent-era authorization controls The operating system underneath: resilience engineering + modernization foundations that make “governed execution” real Part 2 is the playbook—how BFSI leaders build machine-speed execution with audit-grade trust, before the next shock chooses the winners.

PART 1/2 — Banking & Insurance Strategic Trends (2026–2028)

The definitive shift: from processing money to executing intent—with provable trust

For years, banks and insurers could treat change like a queue: modernize the core, digitize the channel, add controls, repeat. The system assumed time—time to plan, time to roll out, time to catch up.

That assumption is gone.

From 2026 to 2028, BFSI is being pulled into a new operating reality where volatility is continuous, money is programmable, distribution is intermediated by platforms and AI agents, and regulators expect outcome-proof—not policy statements. In that world, the winners won’t be the institutions with the most transformation projects. They’ll be the ones that become governed execution engines.

Here’s the story that connects everything:

Macro turbulence turns balance sheets into moving targets: tariffs, fragmentation, and rate ambiguity force continuous portfolio action—not annual cycles.
To respond at that speed, institutions shift to the agentic enterprise: not AI that suggests, but AI that executes within auditable boundaries.
Once execution becomes software, money becomes software too: real-time rails, stablecoins, tokenization, and programmable settlement start pulling profit pools into new layers.
At the same time, the buyer changes: not just younger customers and wealth transfer—agents and embedded platforms increasingly originate the transaction, rewriting discovery, distribution, and loyalty.
Speed + new rails + new intermediaries expands the blast radius—so resilience becomes the product: fraud industrializes, deepfakes scale, non-human identities explode, and regulators enforce effectiveness.
That forces a rebuild of the hidden foundations—invisible infrastructure—because you can’t govern agents or prove decisions without semantics, observability, and modernized cores designed for change.
And the end-state isn’t just faster banking and insurance—it’s different business models: prevention over payout, living benefits over death-only, platforms over products, sustainability and protection gaps reshaping risk and capital.

One sentence to anchor the entire article:

BFSI is shifting from institutions that process transactions to institutions that execute intent—at machine speed—with audit-grade trust—across programmable rails—under permanent volatility.

META FORCE I — MACRO TURBULENCE (2026–2028)

Trend #1: Tariff-Driven Credit Stress & Portfolio Recalibration

Tariffs don’t just raise costs—they re-route cashflows. They reshape suppliers, corridors, inventory positions, and working-capital cycles—often faster than financial statements can reveal. In 2026–2028, tariff risk stops behaving like a “macro factor” and starts behaving like a supply-chain system shock that hits credit quality through liquidity strain first, not defaults first. (Bank for International Settlements)

Article content

The shift is from sector-level stress views to corridor + counterparty + cash-conversion intelligence. For years, institutions treated tariffs as a scenario overlay: adjust assumptions, run a quarterly stress, tighten underwriting. That approach is structurally late in a world of elevated trade-policy uncertainty and rapid trade rearrangement. The new winners instrument portfolios around where stress emerges earliest—invoice friction, DSO creep, inventory cash traps, supplier fragility—and they act while they still have options: reprice, restructure, and redeploy capital into the new corridor map. (World Trade Organization)

Three forces converge here:

Trade policy uncertainty is now a persistent operating condition Global institutions are explicitly warning that tariff increases and uncertainty are not “one-off headlines”—their impact compounds over time, changing investment, sourcing, and trade volumes. (World Trade Organization)
The first damage shows up as working-capital stress, not immediate credit events Tariffs tie up cash in inventory, compress margins, and increase volatility in receivables/payables cycles—creating liquidity strain that precedes rating migration and covenant breaches. (KPMG)
Disruption creates a short revenue window for banks that can move fast As corporates reconfigure supply chains, they need liquidity tools, trade finance modernization, and corridor-specific risk solutions—turning turbulence into a moment to win SCF/trade finance share if risk and product move together. (McKinsey & Company)

Business impact

Lower loss severity: earlier intervention (repricing, covenant resets, restructures) before default momentum builds.
Faster portfolio control: limits move from periodic review to trigger-driven action tied to corridor signals.
Better concentration management: hidden correlated risk becomes visible (shared suppliers, shared corridors, shared import dependencies).
Revenue upside: SCF/trade finance and treasury liquidity offers attach naturally to “rebuild the corridor” client moments. (KPMG)

CXO CTAs

Map tariff exposure borrower-by-borrower (not sector-by-sector): tie top exposures to corridors, supplier concentration, input categories, and pass-through ability. (Deloitte)
Install trigger-based stress testing: DSO spikes, invoice dispute rates, freight lead-time jumps, inventory drawdowns → automatic review and action. (KPMG)
Operationalize dynamic repricing with governance: pre-approved guardrails and escalation paths so repricing happens in weeks, not quarters.
Stand up a cross-border exposure cockpit: corridor limits + legal constraints + concentration + early-warning signals in one control view.
Turn it into a client offer: “Tariff Resilience” packaged as restructuring + liquidity + SCF/trade finance modernization with one accountable owner.

Trend #2: Geopolitical Fragmentation, Sovereign Stacks & Regulatory Divergence

Geopolitics is no longer “context” for BFSI. It’s becoming architecture. As blocs harden and rules diverge, banks and insurers are being forced to operate like federations: different data rules, different AI obligations, different resilience regimes, different crypto frameworks—sometimes inside the same group. The strategic shift is from “global standardization” to sovereign-by-design execution: regional control planes, data/model residency, and policy-driven routing for decisions, payments, and risk.

Article content

The shift is from one global operating model to multi-sovereign execution with provable control. For decades, institutions optimized for scale: common platforms, shared data lakes, centralized models, and cross-border service centers. In 2026–2028, that creates friction and risk. Divergence is rising across AI governance and operational resilience (EU), digital assets regulation (EU), and cross-border data regimes—while the U.S. posture is increasingly skeptical of localization and sovereignty mandates. (See EU AI Act timeline and rollout commitments in EU digital strategy and reporting on “no pause” implementation in Reuters. Also see data-sovereignty pushback posture in Reuters.)

Three forces converge here:

Regulatory regimes are colliding—especially in Europe Europe is raising the compliance floor through a combination of resilience rules and digital-asset frameworks:
Sovereign stacks become mandatory, not ideological Data sovereignty is increasingly treated as national security and systemic-risk policy. Fragmented cross-border data-transfer regimes are accelerating, forcing regulated firms to design for residency, lawful access constraints, and regional operations. (CIGI paper on cross-border data transfer regimes, plus current sovereignty debate coverage in the Financial Times)
Legal + contract complexity explodes—at scale Fragmentation doesn’t only change compliance; it changes obligations: client contracts, vendor terms, outsourcing agreements, SLAs, data-processing addenda, model-use restrictions, recordkeeping, and audit rights. Institutions need “renegotiation at scale” capabilities, because multi-jurisdiction divergence turns contract management into a balance-sheet risk lever.

Business impact

Cost & efficiency: duplicated controls, regional processing, and multi-cloud requirements raise cost unless you standardize how sovereignty is implemented (common patterns, reusable guardrails).
Speed & adaptability: transformation velocity depends on whether policy can be pushed into platforms (controls-as-code) instead of being re-litigated in every project.
Risk & resilience: the risk is no longer “non-compliance” alone—it’s operational breakage at borders: data flows, model routing, incident response, and vendor dependencies.
Revenue opportunity: fragmentation is also stimulus—Europe is explicitly mobilizing large-scale defense and resilience investment, creating demand for financing, treasury services, risk transfer, and infrastructure underwriting. (See the EU’s ReArm Europe / Readiness 2030 mobilization framing. (European Commission))

CXO CTAs

Create a “Sovereign-by-Design Reference Architecture”: define what must be regionalized (data, models, keys, logging, incident response) vs what can remain global (standards, patterns, telemetry schemas).
Build regional AI and data control planes: policy-driven routing, residency enforcement, encryption key jurisdiction, and audit-grade observability—so you can prove where data/model execution occurred.
Treat regulation as product constraints early: embed EU AI Act/DORA/MiCA obligations into build pipelines (controls-as-code), not post-launch remediation. (DORA baseline: EIOPA; MiCA baseline: ESMA)
Stand up “contract operations at scale”: AI-assisted contract discovery, obligation mapping, and renegotiation workflows for vendors/clients—linked to governance and risk tiering.
Exploit the stimulus lanes: set explicit coverage/financing plays for defense, infrastructure, energy transition, and resilience programs—pair underwriting appetite with treasury + risk transfer.

Trend #3: Margin Compression & Revenue Model Disruption

The next margin shock won’t look like a crisis. It will look like physics: funding costs normalize, rate tailwinds fade, competition raises deposit betas, and customers keep migrating to lower-friction wallets and embedded rails. Net interest income becomes harder to grow on autopilot—so institutions either build durable noninterest engines, or they slowly shrink into utility economics.

Recent bank results and outlooks already show the pattern: net interest margins compress while fee and wealth income become the stabilizer (see examples in Reuters on OCBC and Reuters on UOB). The strategic question for 2026–2028 is blunt: what is your revenue mix when spread income is no longer the hero? (Context on NII outlook: Deloitte Banking Outlook)

Article content

The shift is from spread-driven growth to portfolio + platform monetization—with a live threat to card economics. For decades, NII was the dependable engine and noninterest income was “nice-to-have.” In 2026–2028, that flips. Institutions need multiple fee and platform profit pools that can scale without breaking trust: financial media networks, treasury platforms, BaaS/open finance ecosystems, and data-driven offers—all operated like real businesses, not innovation theatre.

Three forces converge here:

NII tailwinds are fading; margin becomes contested Even in strong-profit periods, NIM pressure shows up quickly once rates and funding dynamics shift (see sector commentary and profit mix discussions in the Financial Times and 2026 outlook framing from Moody’s).
Noninterest revenue is becoming the “second engine,” not the sidecar FMNs are the clearest signal: banks are monetizing first-party spend data through offers and transaction-based marketing (e.g., scale and offers performance highlighted by Chase Media Solutions and launch context in Reuters).
Consumer lending faces policy risk—especially credit cards Rate-cap pressure is no longer theoretical. Industry and policy discourse is explicitly engaging a 10% cap concept (see ABA rate-cap research and legal/regulatory discussion of the proposal in Consumer Finance Monitor). Whether or not a cap passes, it forces institutions to model alternative fee architectures, underwriting shifts, and product redesign.

Business impact

Cost & efficiency: margin pressure makes cost-to-serve unforgiving—forces a journey-level economics view (ties directly to AI FinOps later).
Speed & adaptability: revenue diversification requires faster product iteration, partner onboarding, and pricing experiments—without control failures.
Risk & resilience: new revenue lines introduce new risks: marketing compliance, consent/provenance, partner risk, model risk, and data-use governance.
Revenue & differentiation: institutions that build repeatable monetization systems (offers, treasury platforms, embedded distribution) outgrow those stuck in spread dependence.

CXO CTAs

Set a revenue-mix target now: define a 2028 ambition for noninterest income by line (wealth fees, payments/treasury, FMN/offer income, platform/API income) and track it quarterly like a capital ratio.
Treat FMN as a business, not a slide: assign a true P&L owner; hire retail media talent; establish advertiser-grade measurement and privacy-by-design (baseline capability examples: Chase Media Solutions).
Industrialize BaaS/Open Finance with partner risk governance first: clear role accountability, SLAs, monitoring, and auditability—don’t scale distribution without controls (risk framing: Wolters Kluwer on BaaS risk).
Pre-model a credit-card rate-cap playbook: redesign unit economics (fees, rewards, risk-based offers), adjust underwriting and line management, and build customer-safe alternatives before policy forces a scramble (policy context: ABA, Consumer Finance Monitor).
Make “new revenue” operational, not aspirational: every revenue bet must have a distinct operating model—sales motion, controls, data permissions, and metrics.

META FORCE II — THE AGENTIC ENTERPRISE (2026–2028)

Trend #4: Agentic AI at Enterprise Scale

The next operating model won’t be “digital + AI.” It will be agentic execution. Banks and insurers are moving from systems that recommend to systems that act—resolving disputes, reconciling ledgers, servicing customers, triaging claims, and progressing collections with bounded autonomy. That shift is not a productivity tweak; it’s a redesign of how work gets done, how decisions are governed, and how accountability is proven.

McKinsey’s framing is blunt: AI pioneers can open up to a ~4 percentage-point ROTE gap versus slow movers—because execution capacity becomes a cash-flow advantage before it gets competed away. (McKinsey — Agentic AI will shake up banking)

Article content

The shift is from human-completed workflows to machine-executed workflows with audit-grade escalation. Most institutions are still shipping “copilots” that draft text and summarize cases. That’s useful—but it doesn’t change throughput. The step-change happens when agents can orchestrate multi-step work across systems (with guardrails), while humans intervene only at defined thresholds.

Three forces converge here:

Volatility demands execution speed, not just insight Macro turbulence, fraud pressure, and customer expectations create exception volume that humans can’t clear fast enough. Agentic systems compress cycle time by moving routine steps from queues into automation—with deterministic controls.
Governance is shifting from policy to runtime control The moment an agent takes consequential action, “we have a policy” stops mattering. You need who/what/why traces, permission manifests, reversibility horizons, and escalation design that stands up in audit. Gartner is already warning that agentic AI without oversight is a risk pattern, not a capability. (Gartner — Agentic AI…risk without oversight)
The ROI narrative is tightening Boards are done funding demos. Even industry observers note the transparency gap on realized ROI, and major outlooks cite how few banks publicly report realized returns from AI use cases—pushing a shift from “number of POCs” to “decisions and work units executed in production.” (Deloitte banking outlook referencing Evident, Evident AI Index (2025))

Business impact

Lower cost-to-serve at the journey level: disputes, servicing, reconciliations, onboarding, and claims move from labor-cost curves to managed execution economics.
Faster operating cadence: cycle times compress; exception backlogs shrink; change ships as agent “skills” rather than UI/process rewrites.
New risk surface: prompt/tool injection, runaway automation, and opaque decisions shift risk from perimeter security to runtime governance.
Organizational redesign: “junior bankers/adjusters managing agent squads” becomes a real operating model—supervising throughput, quality, and escalations rather than doing every step.

CXO CTAs

Pick the first 5 end-to-end agent workflows (not 50 copilots): disputes, claims triage, reconciliation, collections, and servicing are the highest-leverage candidates because they’re exception-heavy and measurable.
Define human-in-the-loop thresholds like credit policy: what can be assistive vs decisioning vs autonomous; what triggers escalation; who is the named authority at the boundary.
Build agent observability as a product requirement: every action needs a trace (inputs, tools used, constraints applied, decision rationale, outputs, reversals). Treat it as audit infrastructure, not logging.
Engineer “reversibility horizons”: design every agentic workflow with undo windows, rollback paths, and safe-fail defaults—especially in regulated actions.
Change the board metric: track “AI decisions/work units executed per day in production” + reversal rate + escalation rate + unit cost per journey.

META FORCE II — THE AGENTIC ENTERPRISE (2026–2028)

Trend #5: The 10x Bank/Insurer & AI Economics

The breakthrough in 2026–2028 won’t be “better models.” It will be cheaper, safer execution at scale. As AI moves from drafting to doing, BFSI is discovering an uncomfortable truth: AI turns operating cost into a variable COGS problem. Tokens, orchestration, monitoring, context windows, and accelerator capacity become a controllable (or uncontrollable) economic system. The institutions that win won’t just deploy agents—they’ll run AI like a unit-economics business, journey by journey. McKinsey’s warning is clear: AI creates a widening performance gap—AI pioneers can increase ROTE by up to ~4 percentage points if they reinvest their lead into operating model reinvention rather than scattered experimentation. (McKinsey — Global Banking Annual Review 2025)

Article content

The shift is from “AI as capability” to AI as managed industrial economics. Most banks and insurers still measure AI as a project: model accuracy, POC success, feature shipping. That framing collapses in production. Once AI sits inside disputes, claims, onboarding, AML triage, collections, or service, leaders need to manage it like any other cost engine: cost per journey, latency SLOs, quality thresholds, and continuous optimization.

Three forces converge here:

Inference becomes the dominant cost model AI spend is no longer mostly infrastructure you amortize—it’s invocations you meter. This forces a new management discipline that connects engineering choices (context length, retrieval strategy, routing) to CFO outcomes (cost-to-serve per journey). The FinOps Foundation now explicitly treats this as a formal domain (“FinOps for AI”) because traditional cloud FinOps misses token-driven economics. (FinOps Foundation — FinOps for AI, FinOps for AI overview)
Optimization is now a first-class competitive weapon Cost and performance hinge on engineering levers most boards never tracked: routing to the right model tier, caching, batching, quantization, and context management. NVIDIA’s guidance shows why: optimizing inference for long context and KV-cache efficiency is directly tied to throughput and cost at scale. (NVIDIA — Optimizing inference with KV cache, NVIDIA — Inference optimization techniques)
Capacity governance becomes strategic Accelerators are not just a tech procurement line—they are a constrained production resource that must be governed like liquidity: allocation by value, priority lanes for regulated journeys, and placement decisions across hybrid footprints.

Business impact

Cost & efficiency: the winners create a measurable drop in cost-to-serve by managing unit economics per journey (onboarding, dispute, claim, decision), not “AI spend in aggregate.”
Speed & adaptability: routing/tiering/caching lets teams ship new capabilities without cost explosions—innovation becomes repeatable, not heroic.
Risk & resilience: AI cost controls become control controls: predictable spend, predictable latency, auditable decision traces, fewer runaway agent loops.
Revenue & differentiation: cheaper execution enables new product shapes (mass-affluent advisory, prevention services, embedded distribution) because marginal cost per interaction falls.

CXO CTAs

Adopt “AI unit economics” as a board metric: cost per onboarding / dispute / claim / decision, with quality and latency SLOs (not just model benchmarks).
Stand up AI FinOps as a joint CFO–CTO operating cadence: usage visibility, chargeback/showback, and optimization backlogs tied to business journeys. (FinOps Framework, FinOps Framework 2025 update)
Implement model routing and tiering by risk + value: cheap models for low-risk steps, stronger models only when needed; explicitly define “regulated thresholds” for escalation.
Engineer caching + context discipline as policy: KV cache strategy, RAG limits, and context windows become cost policy, not developer preference. (NVIDIA — KV cache optimization)
Treat accelerator capacity like a governed pool: allocate by ROI and criticality; create priority lanes for fraud/AML/cyber and customer-critical moments.

Trend #6: AI Underwriting, Claims & Credit Revolution

Underwriting, claims, and credit are becoming real-time decision systems, not periodic assessments. For decades, BFSI “decided” at moments: underwriting at issuance, credit at origination, claims after loss. In 2026–2028, that cadence breaks. With richer signals (cashflow, behavior, device, image/video, network risk) and agentic workflows, institutions shift from batch judgment to continuous, explainable decisioning—with provable traces that regulators and customers can challenge. This isn’t optional. Supervisors are explicitly flagging that lack of explainability creates prudential concerns and can impede compliance assessment. (Bank for International Settlements)

Article content

The shift is from document-based decisions to signal-based decisions with audit-grade “why.” The winners will redesign three engines—credit, underwriting, and claims—around the same principle: autonomy where safe, explanation always, escalation when consequential.

Three forces converge here:

Decisioning is moving from “point-in-time” to “continuous” Real-time data allows underwriting and credit models to adjust as behavior and exposure change—reducing adverse selection and catching deterioration earlier (especially in cashflow-linked lending and usage-based/IoT-linked coverage).
Claims is becoming a triage-and-settlement pipeline, not a back office Computer vision and NLP are now mainstream patterns in claims automation—especially for auto and property triage—turning intake into a structured workflow that can fast-track low-risk claims and isolate fraud/complexity early. (EIS)
Explainability is the price of autonomy The more AI moves toward decisioning, the more “because the model said so” becomes unacceptable. Regulators and MRM frameworks still expect governance, validation, and ongoing monitoring—even when models evolve. (Federal Reserve)

Business impact

Cost & efficiency: straight-through processing expands (especially for low-severity, low-fraud claims), shrinking manual handling and rework. (EIS)
Speed & adaptability: underwriting and credit become faster to adjust when markets shift—limits, pricing, and appetite can move with signals, not quarters.
Risk & resilience: fraud detection improves through multi-signal scoring; bad risks are surfaced earlier; model decisions can be defended with traceability rather than intuition. (Bank for International Settlements)
Revenue & differentiation: better precision pricing + faster settlement becomes a growth lever (retention, NPS, and selective expansion into under-served segments).

CXO CTAs

Define “autonomy boundaries” for regulated decisioning: assistive vs decisioning vs autonomous; set escalation thresholds and named authorities (credit, claims, underwriting).
Make explainability a product requirement, not a compliance afterthought: require counterfactual explanations, reason codes, and reproducible decision traces for every consequential outcome. (Bank for International Settlements)
Re-architect claims as a triage factory: vision/NLP at intake, fraud scoring early, parametric fast-pay lanes where triggers are objective, and human adjusters focused on high-severity complexity. (EIS)
Instrument model drift like operational risk: live monitoring, challenger models, and feedback loops from disputes, appeals, and reversals into governance. (Capgemini)
Tie the business case to unit economics: cost per claim settled, cost per credit decision, time-to-quote, time-to-settlement, and reversal/appeal rates—manage them like P&L levers.

Trend #7: AI Governance, Controls-as-Code & Risk Tiering

AI governance is no longer a policy binder. It’s becoming runtime infrastructure. As AI shifts from “assist” to “decide” to “act,” BFSI is being pushed into a new standard: prove control continuously, not periodically. The EU’s AI Act is the clearest forcing function—rolling out obligations in phases (including general provisions and literacy, then general-purpose AI governance, then high-risk obligations) and pulling governance from compliance theatre into engineering reality. (European Commission — AI Act timeline, EU AI Act policy page) (AI Act Service Desk)

Article content

The shift is from model governance after the fact to controls embedded at build-time and enforced at run-time. Most institutions still govern AI like a project: a model review, a sign-off, an annual validation cycle. That collapses in agentic systems, where actions can be chained, tools can be invoked, and outcomes can be consequential in minutes. The winning pattern is risk tiering + controls-as-code: classify AI by what it can do, then enforce guardrails automatically across the SDLC and runtime—permissions, separation of duties, approvals, logging, traceability, and escalation thresholds.

Three forces converge here:

EU AI Act enforcement turns “good practice” into obligations The Commission’s official timeline shows progressive application through 2 August 2027, including earlier milestones around AI literacy/prohibitions and governance obligations for general-purpose AI. (European Commission — AI Act timeline) (AI Act Service Desk) At the same time, there’s active debate and policy motion around timing for “high-risk” rules (including proposals to delay aspects), which is exactly why leaders should architect for compliance-by-design rather than bet on dates. (Reuters — timeline reaffirmation, Reuters — proposed delay) (Reuters)
Regulators are converging on governance, model risk, and explainability as systemic issues Supervisory bodies are explicitly pointing to governance and explainability weaknesses as risk accelerants—especially when AI influences credit and other consequential decisions. (BIS/FSI paper on explainability) (Bank for International Settlements)
Agentic workflows turn “control gaps” into real losses and fines Once agents generate and execute business communications, decisions, and actions at scale, weak recordkeeping and inconsistent approvals become a multiplier. The control plane must be automated because manual governance cannot keep up with machine-speed operations.

Business impact

Cost & efficiency: governance-as-code reduces rework and slows fewer releases—controls become reusable patterns, not bespoke compliance gates.
Speed & adaptability: risk tiering lets you scale safely: low-risk assistive use cases move fast; high-risk decisioning gets stronger constraints by default.
Risk & resilience: audit-grade traceability (“who/what/why”) becomes defensible evidence, not tribal knowledge—especially critical under EU AI Act and model risk expectations. (BIS/FSI) (Bank for International Settlements)
Revenue & differentiation: trust becomes a competitive advantage—institutions that can safely delegate more work to agents can serve more customers and partners with the same headcount base.

CXO CTAs

Adopt a 3-tier AI risk model and enforce it everywhere: assistive → decisioning → autonomous. Tie each tier to mandatory controls (approval gates, evidencing, reversibility, human escalation).
Make controls-as-code non-negotiable: encode SoD, approvals, policy checks, and logging into pipelines and runtime—no “manual checklist” for systems that act at scale.
Stand up an “AI Control Plane” with audit-grade traces: every consequential step must be reconstructable: inputs, context, tools invoked, constraints applied, outputs, and handoffs.
Treat compliance deadlines as architecture deadlines: whether “high-risk” provisions land in 2026 or slide, the build effort is the same—design now so you don’t refactor under regulatory fire. (European Commission timeline, Reuters) (AI Act Service Desk)
Redefine “done” for AI features: nothing ships without: risk tier label, control evidence, runtime observability, and a rollback/escalation design.

META FORCE III — PROGRAMMABLE MONEY & NEW REVENUE MODELS (2026–2028)

Trend #8: Digital Assets, Stablecoins & Institutional Crypto

Digital assets are moving from “innovation perimeter” to regulated infrastructure. What changed is not ideology—it’s policy and plumbing. In the U.S., stablecoin regulation has been put on rails through the GENIUS Act (signed July 18, 2025), explicitly pulling stablecoin issuers into BSA/AML expectations and setting a federal framework for payment stablecoins. (White House fact sheet, Latham & Watkins summary) At the same time, the “debanking” constraint was politically targeted via the Fair Banking executive order (signed Aug 7, 2025), including direction to remove “reputational risk” concepts from supervisory materials—reducing a major barrier that kept many banks from touching digital asset clients. (White House fact sheet, Sidley analysis) This is why 2026–2028 becomes the institutional phase: stablecoins for settlement, tokenized collateral patterns, and custody/market infrastructure moving inside regulated boundaries.

Article content

The shift is from crypto as an asset class to stablecoins + tokenization as new settlement and treasury primitives. Banks and insurers don’t win here by “having crypto.” They win by owning the rails: issuing/holding regulated stablecoins, routing value across networks, providing institutional custody, and using tokenization to compress settlement cycles and unlock liquidity.

Three forces converge here:

Stablecoins became a regulated category (U.S.) The GENIUS Act establishes a U.S. framework for payment stablecoins and explicitly subjects issuers to BSA obligations—shifting stablecoins from “regulatory ambiguity” into “regulated issuance and compliance.” (White House) Implementation details are now moving into the rulemaking and supervisory layer, with legal and regulatory communities tracking obligations, licensing, reserves, and timing. (Reuters Practical Law explainer)
Bank participation barriers are being lowered The Fair Banking EO directly targets “reputational risk” as a basis for denial of services, changing the supervisory tone that previously chilled bank engagement with digital asset firms. (White House, DLA Piper analysis) Separately, regulators have signaled more explicit permissioning pathways for certain crypto activities (e.g., custody and stablecoin-related rails), reinforcing momentum. (Reuters on OCC clarification)
State behavior is changing the narrative: Bitcoin as “reserve” optics The U.S. established a Strategic Bitcoin Reserve and a Digital Asset Stockpile via Executive Order 14233 (signed March 6, 2025). That doesn’t make Bitcoin “safe”—it makes digital assets strategic and politically durable as a policy area. (Federal Register, White House fact sheet)

Business impact

Cost & efficiency: stablecoins and tokenized settlement can reduce friction in treasury, cross-border settlement, and reconciliation—especially where correspondent banking cost/latency is punitive.
Speed & adaptability: programmable money enables conditional settlement and new workflow designs (treasury automation, collateral mobility, instant payout patterns).
Risk & resilience: new risk stack: reserve governance, wallet/custody controls, sanctions screening at speed, smart contract/operational risk, and fraud vectors. GENIUS Act’s BSA emphasis makes compliance capabilities non-negotiable. (White House)
Revenue & differentiation: custody, issuance, liquidity, routing, tokenized collateral services, and institutional-grade compliance become monetizable platforms—not just products.

CXO CTAs

Decide your role in the stablecoin stack: issuer, distributor, custodian, or orchestrator. “Observer” is not a strategy once frameworks harden. (GENIUS Act fact sheet)
Build stablecoin-grade compliance as a product capability: BSA/AML, sanctions, monitoring, travel-rule-like expectations, and auditability at transaction speed—engineered, not manual.
Stand up a digital-asset treasury and risk policy: reserve management, liquidity stress, counterparty limits, operational controls, and incident playbooks.
Treat custody as a control-plane problem: key management, segregation, recovery, and governance must be as strong as your core banking controls—because failures are existential, not reputational.
Run scenario economics: stablecoin settlement and tokenized flows change fee pools; model what gets cannibalized and what scales.

Trend #9: Tokenization of Real-World Assets & Capital Markets

Tokenization is no longer a lab experiment—it’s becoming market plumbing. The real signal isn’t another pilot. It’s central banks and market infrastructure providers moving tokenization toward collateral eligibility, settlement in central bank money, and regulated tokenization services—the three prerequisites for institutional scale. The BIS has framed tokenisation as a path to a “next-generation monetary and financial system,” built around tokenised platforms where central bank reserves, commercial bank money, and government bonds sit at the core. (BIS Annual Economic Report 2025 — tokenisation chapter)

Article content

The shift is from tokenized issuance to tokenized lifecycle + collateral mobility + settlement finality. Most institutions talk about “tokenized assets” as if the main value is fractional ownership. That’s not where the first institutional profit comes from. The early economic win is post-trade compression: faster settlement, fewer breaks, real-time collateral optimization, and programmable margining—if legal finality, dispute handling, and settlement in safe money are engineered.

Three forces converge here:

Collateral is the killer use case—because it unlocks liquidity Tokenization matters most when it improves collateral mobility and margin efficiency, not when it creates a new wrapper. DTCC has been explicit in pushing tokenized real-time collateral management and institutional-grade infrastructure patterns. (DTCC — tokenized real-time collateral platform announcement, DTCC Collateral AppChain) And central banks are starting to move from curiosity to eligibility: Reuters reported the ECB will permit banks to use tokenised assets as collateral from March 2026, and the Bank of England is open to accepting more tokenised assets as collateral. (Reuters — BoE open to tokenised collateral; ECB from March 2026)
Wholesale settlement experimentation is becoming structured public-sector work The Eurosystem ran wholesale DLT exploratory work (May–Nov 2024) with 64 participants and 50+ trials, focused on settlement of DLT-based transactions in central bank money via interoperability approaches—exactly the “safe settlement asset” requirement institutions care about. (ECB — DLT exploratory work)
Regulators are laying down the investor-protection and market-integrity rails IOSCO’s 2025 report makes the point plainly: tokenization may bring efficiency and programmability—but it also raises market integrity and investor protection implications that supervisors will expect firms to manage. (IOSCO — Tokenization of Financial Assets (Nov 2025)) At the infrastructure layer, DTCC received an SEC no-action letter enabling a service to accelerate tokenization of DTC-custodied assets—another signal that regulated market plumbing is moving. (DTCC — SEC no-action letter / tokenized DTC-custodied assets)

Business impact

Cost & efficiency: fewer breaks, faster settlement, and improved collateral/margin operations—reducing manual reconciliation and trapped liquidity. (DTCC collateral platform)
Speed & adaptability: shorter settlement cycles and programmable workflows accelerate product innovation (repo, securities finance, structured products).
Risk & resilience: new operational risks appear: smart-contract logic errors, key management failures, disputed finality, and cross-platform interoperability. Supervisors will look for end-to-end control, not tech novelty. (IOSCO 2025)
Revenue & differentiation: custody, tokenization services, collateral optimization, issuance orchestration, and “tokenized post-trade” become fee pools—especially for institutions that can provide safe, compliant rails.

CXO CTAs

Stop treating tokenization as an issuance experiment—treat it as a post-trade redesign: pick 1–2 high-value flows (repo/collateral, fund units, private markets) and redesign the full lifecycle: issuance → transfer → servicing → margin → settlement → dispute handling.
Make legal finality and dispute ops first-class: define how reversals, fails, and claims are handled—because institutional adoption dies in exceptions, not in demos.
Anchor on “safe settlement asset” strategy: align tokenization roadmap to central bank money settlement pathways and regulated infrastructure participation where available. (BIS 2025, ECB DLT work)
Build tokenized collateral capability before tokenized everything: collateral mobility is the fastest path to liquidity ROI and balance-sheet relevance. (DTCC Collateral AppChain)
Treat tokenization controls like core controls: key management, segregation, recovery, audit trails, and operational resilience cannot be “phase two.”

Trend #10: Real-Time, Cross-Border & Programmable Payment Rails

Payments are no longer a product line. They’re becoming competitive infrastructure. In 2026–2028, the winners won’t be the institutions with “faster payments” banners. They’ll be the ones that can route money across multiple rails (public and private), operate treasury 24×7, and embed conditional logic into settlement—while regulators simultaneously tighten the system toward trust-first (even if that means adding friction). India’s UPI scale alone signals what’s coming: RBI leadership has cited ~20B UPI transactions/month representing $280B+ value—a public-good rail operating at super-scale. (https://m.economictimes.com/news/economy/finance/india-makes-85-pc-of-digital-payment-through-upi-rbi-guv-malhotra/articleshow/124608197.cms) (The Economic Times)

Article content

The shift is from single-rail payments to multi-rail orchestration with programmable settlement.

Three forces converge here:

24×7 money forces a 24×7 operating model Real-time rails don’t just change customer experience—they change liquidity management. Treasury can’t be “business hours” when settlement is always-on. Institutions must rebuild forecasting, limits, exception operations, and incident response for continuous movement.
Cross-border becomes a routing problem, not a correspondent habit The future isn’t one “best” cross-border rail. It’s dynamic routing across options by cost, speed, FX, compliance, and failure modes. The ECB has publicly moved forward on connecting Europe’s TIPS with India’s UPI (and Nexus exploratory work), signaling an emerging template: regional instant payment systems linking for cheaper, faster corridors. ECB update: https://www.ecb.europa.eu/press/intro/news/html/ecb.mipnews251120.en.html (European Central Bank) Broader coverage: https://timesofindia.indiatimes.com/business/india-business/cross-border-payments-boost-india-eu-begin-phase-to-link-upi-with-tips-remittances-to-get-cheaper/articleshow/125488645.cms (The Times of India)
Regulators are trading speed for safety (a reversal from frictionless-first) Fraud pressure is pushing supervisors toward calibrated safeguards. In India, RBI has proposed measures like lagged credits and additional authentication for vulnerable segments (e.g., senior citizens)—explicitly prioritizing trust and protection. Discussion paper coverage: https://www.business-standard.com/finance/news/rbi-proposes-a-discussion-paper-for-digital-payments-safeguards-126020601736_1.html (Business Standard) More detail on the safeguards direction: https://www.moneycontrol.com/news/business/personal-finance/rbi-to-up-safeguards-to-prevent-digital-payment-frauds-with-extra-protection-for-senior-citizens-13814930.html (Moneycontrol)

Business impact

Cost & efficiency: multi-rail routing reduces “default” cross-border costs; fewer exceptions when ISO 20022 structured data is used as a reconciliation and compliance accelerator.
Speed & adaptability: programmable release logic (conditional settlement, escrow-like behavior) enables new product designs in B2B trade, marketplaces, insurance payouts, and treasury automation.
Risk & resilience: real-time rails compress the window for fraud detection and dispute handling; controls must move upstream (identity, risk scoring, step-up auth, hold-and-review patterns).
Revenue & differentiation: payments becomes a platform lever—treasury operating systems, corridor optimization, liquidity tools, and embedded distribution drive fee pools beyond MDR.

CXO CTAs

Stand up a 24×7 treasury operating model: real-time liquidity forecasting, automated limit management, and an always-on exception desk for high-value/high-risk flows.
Build a “multi-rail router” capability: policy-driven routing by cost/speed/compliance; failover and observability as first-class design.
Treat ISO 20022 as a data platform, not a format: standardize semantics so payments data becomes usable for fraud, compliance, and client insights.
Productize programmable payments: conditional settlement, milestone-based release, and dispute-aware workflows (especially for B2B, marketplaces, and claims/payout use cases).
Design for trust-first regulation: implement lagged-credit and step-up-auth patterns where risk warrants—don’t wait to be forced. (See RBI safeguards direction above.) (Business Standard)

Trend #11: Big Tech, Neobank & Platform Boundary Wars

The boundary between “bank” and “platform” is being redrawn in real time. Big Tech isn’t trying to become a bank the way incumbents imagine. It’s doing something more dangerous: owning the customer moment, embedding finance inside commerce and devices, and letting regulated partners carry the balance sheet—until it makes sense to pull more of the stack in-house. Recent signals are explicit: Apple is expanding its payments footprint and re-wiring its banking partners (e.g., JPMorgan taking over Apple’s ~$20B card portfolio). (FT, Reuters on Apple Pay India talks) (Financial Times) Meanwhile, neobanks are moving the other direction: toward charters to control their destiny. Mercury publicly filed for an OCC national bank charter (Dec 2025). (Mercury, Payments Dive) (Mercury)

Article content

The shift is from “competition between institutions” to competition between stacks: who manufactures, who distributes, who orchestrates.

Three forces converge here:

Big Tech is building distribution leverage that banks can’t out-market Apple’s ecosystem strategy keeps expanding: payments expansion (reported Apple Pay India launch talks) and partner reconfiguration (JPMorgan–Apple card portfolio move). That’s not a payments feature—it’s channel power. (Reuters, FT) (Reuters) Amazon is also pushing deeper into credit infrastructure (e.g., Axio acquisition enabling direct lending license in India). (Reuters) (Reuters)
Neobanks are trying to remove dependency risk by pursuing charters Charters reduce reliance on sponsor banks, improve control of unit economics, and harden brand trust. Mercury’s OCC charter application is a clean signal of this direction. (Mercury) (Mercury) Nubank has also pursued a U.S. national bank charter path (application reported Sept 2025; follow-on updates continue in 2026). (Reuters, Nu) (Reuters)
“Who owns the customer” is becoming “who owns the orchestration” If commerce platforms and device ecosystems become the default origin point for transactions, banks risk being relegated to manufacturing + compliance utilities unless they develop their own distribution wedges (SME platforms, treasury OS, embedded partnerships they control) and orchestration capabilities.

Business impact

Cost & efficiency: distribution shifts to platforms compress acquisition costs for platform owners—and raises them for banks that rely on traditional channels.
Speed & adaptability: partner-led models can scale fast, but amplify dependency risk (pricing power, data access, sudden program shifts).
Risk & resilience: concentration risk moves from loan books to platform relationships (single-partner exposure becomes systemic to fee lines).
Revenue & differentiation: the upside is real if banks choose where to play—issuer/underwriter, balance sheet + risk engine, or full-stack orchestrator in selected segments.

CXO CTAs

Declare your position in the stack (per segment): manufacturer vs distributor vs orchestrator—then design incentives, tech, and governance accordingly.
Treat platform partnerships like large exposures: define concentration limits, contingency plans, data/consent rights, audit rights, and exit mechanics as rigorously as credit covenants.
Build “bank-owned distribution wedges”: SME operating systems (treasury OS), vertical platforms, and embedded finance where you control the customer permissioning layer—not just the balance sheet.
Design for portability: ensure products, risk models, and servicing flows can move across partners/rails without rewrites (or you will get priced).
Measure the right thing: track profit per distributed customer, partner dependency ratio, and retention after partner-sourced acquisition—not vanity signups.

Trend #12: Financial Media Networks (FMNs) & Data Monetization

Banks and insurers are discovering a new profit pool hiding in plain sight: first-party transaction reality. As advertising shifts into a privacy-first, measurement-driven era, the most valuable signal is no longer cookies—it’s verified spend and verified intent. That’s why FMNs are emerging as the next noninterest engine: they turn trusted financial distribution (apps, offers, merchant programs) into measurable commercial outcomes. JPMorgan’s Chase Media Solutions is the canonical proof point—operating at “retail media” scale inside a bank environment. (See Chase Media Solutions and third-party reporting on offer scale like SAS, Dec 2025.)

Article content

The shift is from “data as an asset” to data as a governed revenue product—with consent, measurement, and brand safety built-in. Most institutions still talk about “data monetization” like it’s a strategy slide. FMNs make it operational: merchants pay for outcomes (incremental spend, conversion, retention), and the bank gets a new revenue line without taking balance-sheet risk—if it can prove consent, purpose limitation, and clean measurement.

Three forces converge here:

Retail media-style economics are expanding in 2026 Retail media ad spend continues to outgrow other channels; 2026 growth expectations are explicitly strong in mainstream forecasts. (See EMARKETER retail media spending outlook for 2026.) FMNs are the BFSI adaptation of this same playbook—using bank-owned surfaces and transaction data.
Banks uniquely own “verified outcomes,” not just clicks Chase explicitly positions its capability around transaction-based marketing with massive scale (e.g., annual card sales and offer-driven merchant spend). (See metrics on Chase Media Solutions and industry coverage like Adweek, May 2025.) That matters because advertisers increasingly demand closed-loop measurement—proof that marketing drove spend, not impressions.
Privacy and consent are now the price of monetization In a cookieless / privacy-first world, first-party data collected with clear consent becomes the durable asset. (See consent framing from OneTrust and cookieless context from ecosystem players like Usercentrics.) For BFSI, this is existential: monetize without trust and you don’t just lose ad revenue—you risk the core relationship.

Business impact

Cost & efficiency: noninterest income that scales without expanding risk-weighted assets; marketing revenue becomes an operating leverage lever.
Speed & adaptability: FMNs create a rapid iteration loop—offers can be tested, optimized, and measured quickly compared to traditional bank product cycles.
Risk & resilience: new risk categories emerge—consent governance, fair lending / UDAAP adjacency, discrimination-by-proxy, advertiser brand safety, and model-driven targeting controls.
Revenue & differentiation: institutions that build “trusted commerce media” can create a defensible moat: verified identity + verified spend + measured outcomes.

CXO CTAs

Decide what you’re monetizing—and what you never will: define bright lines for allowable targeting, sensitive categories, and prohibited uses (trust is the balance sheet). Use a published policy posture, not internal folklore.
Stand up “consent + purpose” as product infrastructure: consent capture, revocation, purpose limitation, audit trails, retention rules—treat it like payments compliance. (Baseline patterns: OneTrust.)
Build closed-loop measurement as the core SKU: outcomes (incremental spend, repeat rate, share shift) beat impressions. This is the FMN differentiator vs ad-tech middlemen. (Examples of positioning and scale: Chase Media Solutions, Adweek.)
Operate it like a real business line: dedicated P&L owner, retail-media sales talent, clear advertiser onboarding, and brand safety governance—not “a marketing project.”
Pre-empt the backlash: embed fairness testing, proxy discrimination monitoring, and customer transparency into the design so monetization doesn’t become a reputational and regulatory event.

Trend #13: Wealth Management Democratization & AI-Powered Advisory

Wealth is becoming a mass-market operating model problem. The demand is obvious: younger segments expect digital-first, low-friction advice; older segments need retirement income clarity; and the industry is trying to serve both while margins compress. What’s new in 2026–2028 is the mechanism: AI makes advice scalable, and policy is actively nudging broader access to alternatives—even as critics warn retail markets may be absorbing risks they don’t yet understand.

A policy accelerant is explicit: the U.S. issued an Executive Order titled “Democratizing Access to Alternative Assets for 401(k) Investors” on Aug 7, 2025. (White House EO, KPMG regulatory alert) And the push is contested—Reuters has highlighted concerns about transparency, valuation, and cycle-tested risk as retail access expands. (Reuters — caution on democratizing private credit)

Article content

The shift is from high-touch advisory as a scarce resource to hybrid advice as a scalable platform—with alternatives and tokenized access expanding the “menu.” This trend isn’t “robo-advice 2.0.” It’s the convergence of three moves: AI advisors extend human coverage into the mass-affluent (planning, nudges, portfolio maintenance, tax behaviors). Fractional and tokenized wrappers expand access to products previously gated by ticket size and operational friction. Insurance-wealth convergence makes protection and investment one lifecycle platform, not separate channels—Manulife’s model (scale across both) is an instructive reference point. (Manulife investor fact sheet shows ~$1.7T AUMA as of Sep 30, 2025)

Three forces converge here:

AI makes advice “coverage-scalable” Robo/automated advisory continues to expand, with multiple market forecasts pointing to rapid growth through 2030 and beyond. (Grand View Research, Fortune Business Insights) The strategic point: the winning firms won’t replace advisors—they’ll make advisors supervise a larger “book” through AI-driven planning and service.
Policy is opening the door to alternatives in retirement channels The 401(k) alternatives Executive Order is a clear directional signal that broadening access is now politically supported (with implementation debates underway). (White House EO, Investment Company Institute perspective) But the risk narrative is equally real: private credit and other alts raise liquidity, valuation, and disclosure challenges—especially in downturns. (Reuters)
Tokenization and market plumbing can turn “access” into a real distribution channel Regulatory posture is evolving: the SEC recently allowed intraday trading for a tokenized money market fund via a special exemption—an important signal toward more flexible liquidity and “mutual-fund-like” tokenized access patterns. (Reuters — tokenized WisdomTree money market fund intraday trading) Separately, WEF has framed tokenization as a lever for improving access/efficiency in assets that are typically hard to access (real estate, private credit, PE). (WEF report)

Business impact

Cost & efficiency: lower marginal cost to deliver planning, nudges, rebalancing, and education—reducing service load while improving coverage. (Grand View Research)
Speed & adaptability: hybrid models let firms re-segment quickly (mass-affluent, HNW, retirement income) without rebuilding the entire advisor model.
Risk & resilience: democratization without guardrails creates mis-selling, liquidity mismatch, and valuation opacity risk—especially if alternatives penetrate retirement channels aggressively. (Reuters)
Revenue & differentiation: scaled advice + retirement income platforms + product innovation (alts, tokenized wrappers, protected portfolios) expand fee pools—if trust is maintained.

CXO CTAs

Adopt a “hybrid coverage model” as strategy: define what AI handles (planning, nudges, service, portfolio maintenance) vs what humans own (complex advice, suitability edge cases, life events).
Treat alternatives access as a risk-engineering problem first: liquidity gates, valuation governance, suitability logic, disclosure UX, and stress scenarios designed for real customer harm prevention—not just compliance. (White House EO, Reuters caution)
Build a retirement income platform, not a product shelf: systematic drawdown planning, annuity integration, tax-aware strategies, and personalized guardrails.
Design tokenized access carefully: focus on operational realities—settlement, custody, disclosure, and intraday liquidity/valuation policy—before expanding product breadth. (Reuters — tokenized money market intraday trading)
Lean into insurance-wealth convergence: unify protection + investment journeys (especially in Asia) and design “protection wrappers” around wealth outcomes—this is how insurers with asset platforms scale. (Manulife fact sheet)

Trend #14: Supply Chain & Trade Finance Digitization

Trade finance is being rebuilt because paper is now a competitive disadvantage. In a tariff-fragmented world, corporates are rerouting suppliers and corridors—and they need liquidity, guarantees, and risk coverage at the speed of disruption. But paper-based trade still creates multi-day friction: delays, fraud surface, manual checking, and trapped working capital. The shift in 2026–2028 is from “digitizing documents” to digitizing enforceability: electronic trade documents with legal recognition, interoperable standards, and automated processing that turns trade events into finance events.

Article content

The shift is from document handling to event-driven trade finance. Digitizing trade finance isn’t primarily a blockchain story. It’s a legal + standards + workflow story: eBLs and electronic transferable records only create real value when they are legally recognized, transferable, and accepted across counterparties and jurisdictions.

Three forces converge here:

Electronic Bills of Lading are becoming the unlock for paperless trade The International Trade Centre (ITC) has laid out how eBL adoption can materially improve speed, reduce costs, and tighten risk controls—but only when ecosystem adoption and legal frameworks align. (ITC — Expediting Trade Through Electronic Bills of Lading) (International Trade Centre) The ICC is also actively pushing the industry understanding and standardization narrative around eBL transformation. (ICC Academy — eBL paper) (ICC Academy)
Legal reform is the bottleneck—and MLETR is the template Paperless trade stalls when an electronic record can’t substitute for a transferable paper instrument in court. The UNCITRAL Model Law on Electronic Transferable Records (MLETR) is repeatedly cited as the practical template for legal recognition of electronic transferable records (like bills of lading and warehouse receipts). (APEC paper on paperless trade + MLETR) (APEC) This is showing up as policy action in 2026: India’s draft push on electronic trade documents is being positioned as a comprehensive approach to trade digitization. (GTR review — India draft electronic trade documents bill) (GT Review)
Standards and interoperability are becoming the strategic layer Digitization without interoperability creates “new paper”: siloed platforms and manual exception handling. ICC’s Digital Standards Initiative is explicitly aimed at harmonizing digital trade standards across stakeholders and geographies. (ICC DSI) (icc-dsi)

Business impact

Cost & efficiency: faster document processing, fewer discrepancies, reduced manual checking, and less trapped working capital when trade events become machine-processable. (ITC eBL paper) (International Trade Centre)
Speed & adaptability: enables “tariff-driven corridor rewiring” financing—new supplier onboarding, dynamic discounting, faster issuance/negotiation cycles.
Risk & resilience: reduces document fraud and mismatch risks, but shifts focus to digital controls: identity, provenance, and platform interoperability failure modes.
Revenue: SCF and trade platforms become a scalable fee engine when digitization moves beyond pilots into repeatable workflows—especially in reshoring and corridor diversification cycles.

CXO CTAs

Make legal enforceability part of the product roadmap: align your trade digitization program to MLETR-style recognition pathways in your key corridors; don’t build “digital documents” that can’t travel. (APEC paper) (APEC)
Redesign trade ops around straight-through processing: treat document checking as an exception workflow; automate first pass and reserve humans for anomalies.
Invest in interoperability, not just platforms: adopt harmonized standards and partner ecosystems so e-documents can move across carriers, banks, insurers, and customs. (ICC DSI) (icc-dsi)
Turn digitization into a corridor play: bundle trade finance + SCF + FX + treasury solutions targeted at sectors actively restructuring supply chains due to tariffs.
Measure it like a business: cycle time to issue/settle, discrepancy rate, manual touch rate, fraud loss rate, and incremental funded volume per corridor.

Trend #15: Treasury-as-a-Service & Corporate Liquidity Platforms

The next corporate battleground is not “cash management.” It’s who becomes the corporate operating system for money. As payments move 24×7 and supply chains fragment, corporate treasurers are forced into continuous liquidity decisions. They need real-time visibility, automated cash concentration, API-integrated controls, and exception handling that works across multiple rails. This is why Treasury-as-a-Service (TaaS) is emerging: banks can either sell products (accounts, payments, FX), or they can sell a platform that runs liquidity, routing, and control as a managed service.

Industry signals already point to this platform shift: the Financial Stability Board has highlighted vulnerabilities and structural shifts in the non-bank financial intermediation (NBFI) ecosystem that amplify liquidity and funding shocks—making corporate liquidity discipline more important and more continuous. (FSB annual report 2025, FSB NBFI vulnerabilities) (fsb.org)

Article content

The shift is from bank portals to bank-as-liquidity platform. TaaS isn’t about prettier dashboards. It’s about compressing the time between “cash position changed” and “action taken.” In a world of instant payments, stablecoins, and multi-rail routing, treasury becomes a real-time control loop: forecast → allocate → route → settle → reconcile → respond to exceptions.

Three forces converge here:

24×7 rails create 24×7 liquidity risk Instant settlement increases the speed at which cash moves—and therefore the speed at which mistakes and fraud can deplete liquidity. Liquidity forecasting and limits can’t be end-of-day batch processes when settlement never sleeps. (This also aligns with the broader payments shift discussed under Trend #10.)
ERP isn’t built to be the treasury execution layer ERP systems record and reconcile. They don’t natively optimize rail routing, execute conditional payments, or manage always-on exceptions across banks and corridors. This creates space for banks (and fintechs) to become the orchestrator layer.
API economics and embedded treasury are becoming normal Corporate clients increasingly expect bank capabilities to be embedded inside their workflows—APIs, virtual accounts, automated sweeps, programmable controls. The Bank for International Settlements has repeatedly emphasized how faster payments and modern infrastructures change settlement patterns and liquidity management needs—driving new operational requirements. (BIS — fast payments & FPS considerations) (bis.org)

Business impact

Cost & efficiency: lower manual treasury operations, fewer reconciliations, reduced exception processing, less idle cash.
Speed & adaptability: real-time forecasts and automated actions reduce cycle times for liquidity decisions and improve responsiveness during shocks.
Risk & resilience: better controls reduce fraud and operational errors; continuous monitoring improves incident response.
Revenue & differentiation: new fee pools: liquidity platform subscriptions, premium routing, virtual accounts, cash pooling automation, embedded FX, and analytics-driven treasury advisory.

CXO CTAs

Offer “bank as treasury OS” for priority segments: virtual accounts, real-time cash positions, rule-based sweeps, programmable approval policies, and exception workflows as a managed service.
Build 24×7 treasury operations and SLOs: define time-to-detect, time-to-act, exception resolution SLAs, and failover patterns like an SRE discipline.
Integrate multi-rail routing into treasury, not just payments: route by cost/speed/compliance and add dynamic limits and fraud scoring upstream.
Instrument “liquidity health” like credit health: forecasting accuracy, trapped-cash reduction, exception rate, and incident recoveries.
Package the value proposition in CFO language: “reduce idle cash,” “reduce errors,” “reduce time-to-close,” “improve working capital,” not “API modernization.”

META FORCE IV — THE NEW BUYER (2026–2028)

Trend #16: The $124T Great Wealth Transfer & Generational Shift

The biggest distribution event in modern finance isn’t a new channel—it’s an inheritance. Over the next two decades, an estimated $124T will transfer through 2048, with roughly $105T–$106T expected to flow to heirs (and the rest largely to charity). (Cerulli Associates) That scale doesn’t just move assets. It moves decision power—toward cohorts who expect finance to behave like software: instant, transparent, and self-directed. And when expectations shift at the same time as wealth shifts, loyalty becomes conditional.

Article content

The shift is from relationship inheritance to relationship re-competition. Banks and insurers have historically assumed that wealth transfer preserves the primary relationship. In 2026–2028, that assumption breaks. Heirs don’t “receive” a provider—they re-evaluate one. And their bar isn’t brand heritage; it’s digital execution, personalization, and outcomes.

Three forces converge here:

The transfer is real—and it’s uneven Cerulli’s work highlights that the majority of transfer volume is concentrated in HNW/UHNW households, meaning the revenue impact will be disproportionately decided by how well institutions retain and re-win complex relationships at the point of transition. (Cerulli Associates) (Translation: a small number of families drive an outsized share of fees, balances, and referrals.)
Digital preference is not “nice to have”—it’s selection criteria Survey reporting cites that millennials are the most likely generation to prefer banking digitally (Bankrate referencing ABA findings). (Bankrate) Separately, research reporting also shows ~80% of consumers prefer a full digital banking experience in an identity/verification context—another indicator that digital is becoming baseline, not differentiator. (Retail Banker International)
The competitive moment is the life event Wealth transfer is a chain of life events: bereavement, probate, property transitions, tax planning, family governance, and reinvestment decisions. The institutions that win don’t just have products—they have life-event orchestration: detect intent, guide the next best action, and execute with minimal friction.

Business impact

Cost & efficiency: digital-first servicing and advice reduces the marginal cost of engagement across large heir populations, while preserving human focus for high-complexity transitions.
Speed & adaptability: faster onboarding, beneficiary servicing, and transfer-of-assets workflows reduce leakage during the “decision window.”
Risk & resilience: inheritance moments increase fraud and scam exposure; identity verification and verified communications must tighten exactly when customers are vulnerable.
Revenue & differentiation: retention and expansion hinge on converting wealth transfer into multi-line relationships: deposits + investments + protection + lending + tax/estate support.

CXO CTAs

Build a “wealth transfer command playbook”: pre-built journeys for beneficiary onboarding, asset consolidation, trust/estate servicing, and protection re-evaluation—measured by time-to-completion and leakage rate.
Instrument life-event detection: signals from account behavior, inbound communications, and document events should trigger proactive support (with human escalation).
Modernize the inheritance experience end-to-end: the “death of paperwork” moment is a loyalty test; digitize identity, documentation, approvals, and disclosures without breaking controls.
Make protection part of the transfer conversation: heirs don’t just need portfolios—they need risk coverage (life, health, property, liability) redesigned for their life stage.
Redefine relationship KPIs: track assets retained post-transfer, time-to-consolidation, and cross-line penetration within 12 months of the triggering event.

Trend #17: AI Agents as Commerce & Transaction Originators

The next distribution shock in BFSI won’t be a new app. It will be a new originator. In 2026–2028, a growing share of purchases—and the financing, payments, and protection attached to them—will be initiated by AI agents acting on human intent. Protocols are already forming the “agentic checkout” layer: Visa’s Trusted Agent Protocol (under Visa Intelligent Commerce), OpenAI + Stripe’s Agentic Commerce Protocol (ACP), and Google’s Universal Commerce Protocol (UCP)—all aimed at making commerce agent-callable and making agents trust-verifiable. (Visa Developer)

Article content

The shift is from customers choosing products to agents routing intent across markets—and BFSI becomes the execution layer behind that routing. This is where “The New Buyer” stops being demographics and becomes architecture. If an agent can compare offers, validate identity, choose a payment method, embed credit/insurance, and complete checkout inside a conversation, the institution that wins is the one whose products are:

discoverable by agents
callable via stable contracts
approved under risk policy at runtime

Three forces converge here:

Agent-to-merchant protocols are becoming real infrastructure Visa’s Trusted Agent Protocol is explicitly designed to let agents pass credentials merchants can validate. (Visa Developer) Stripe + OpenAI describe ACP as an open standard enabling programmatic commerce flows between buyers, their agents, and businesses. (Stripe) Google’s UCP is positioned as the standard interface between an AI agent and a merchant backend, including checkout within Google AI Mode and Gemini. (Google for Developers)
B2B buying is forecast to become agent-intermediated at massive scale Gartner’s published prediction is stark: by 2028, 90% of B2B buying will be AI agent intermediated, pushing $15T of B2B spend through AI agent exchanges. (Gartner) For BFSI, that means treasury, embedded lending, invoice financing, and corporate cards increasingly get selected by agent workflows—not by relationship meetings.
Trust moves from “brand” to “verified agent identity + governed execution” Agents create a new fraud surface (agent impersonation, bot swarms, synthetic identities). The response is not marketing—it’s verification and policy enforcement: trusted agent registries/credentials, risk scoring, and step-up authentication integrated into the checkout flow. Visa’s TAP is an explicit trust move in this direction. (Visa Developer)

Business impact

Cost & efficiency: lower acquisition friction as agents streamline discovery and onboarding—but only if your product and policy are machine-readable and automatable.
Speed & adaptability: distribution shifts upstream into agent interfaces; product changes must propagate as contracts/feeds, not brochure updates.
Risk & resilience: fraud and compliance pressure intensify because transactions compress into fewer steps; controls must move “left” into identity, eligibility, and runtime policy checks.
Revenue & differentiation: winners capture “attach” economics—credit at checkout, protection at checkout, FX at checkout, loyalty/benefits—because the agent optimizes bundles, not single products.

CXO CTAs

Make your offers agent-readable: publish structured product feeds, pricing, eligibility, and constraints so agents can evaluate you without humans interpreting PDFs. (ACP and UCP both emphasize standardized programmatic exchange.) (OpenAI Developers)
Build an “agent-callable product surface”: quote, approve, pay, finance, insure—exposed as governed skills with stable inputs/outputs and explicit error semantics.
Engineer trusted agent identity into risk controls: support verification patterns (e.g., TAP-like credentials) and treat “agent authenticity” as a first-class fraud signal. (Visa Developer)
Redesign onboarding for machine-speed: KYC, consent, limits, and disclosures must be executable in-agent with audit trails—not back-and-forth workflows.
Track a new distribution KPI: agent-originated volume and attach rate per intent (credit, protection, FX, loyalty), plus decline reasons (so you can tune policies without increasing risk).

Trend #18: Embedded Finance 3.0, BaaS & Open Finance

Embedded finance is no longer a growth hack. It’s becoming a regulated distribution system. In 2026–2028, the winners won’t be the banks that “partner with fintechs.” They’ll be the banks that can manufacture trust at partner speed—embedding lending, treasury, and insurance into vertical platforms without creating a supervisory time bomb. Regulators have effectively made the rule clear: using third parties does not transfer accountability. (FDIC — Third-Party Relationships, Interagency statement on bank arrangements with third parties (Jul 2024))

Article content

The shift is from embedded finance experiments to embedded finance operating systems. Embedded Finance 1.0 was payments. 2.0 was “BaaS everywhere.” 3.0 is what happens after the hangover: tighter oversight, clearer contractual obligations, higher expectations for monitoring, and a pivot toward open finance primitives—consent, purpose limitation, revocation, and traceable data sharing.

Three forces converge here:

Regulators turned BaaS into a third-party risk exam topic, not an innovation story U.S. agencies published a joint statement in July 2024 highlighting risks and risk-management practices for bank arrangements delivering deposit products/services via third parties—essentially codifying the supervisory lens. (FDIC — Interagency statement) And the market got the message: multiple BaaS banks were hit with consent orders in 2024, frequently tied to weak due diligence and monitoring of fintech partners. (Banking Dive — running list of BaaS consent orders)
“Open finance” is diverging by jurisdiction—creating strategic architecture choices In the UK, regulators continue to build the long-term open banking framework and emphasize consented data sharing with security and consumer protection. (FCA — Open banking and the FCA, UK gov: FCA/PSR joint response on payments regulation (Dec 2025)) In the U.S., by contrast, the CFPB “open banking” rule was temporarily blocked by a federal judge, and is expected to be revisited under new leadership—injecting uncertainty into timeline and obligations. (Reuters — US judge blocks CFPB open banking rule (Oct 29, 2025))
The “new buyer” increasingly sits inside a vertical platform—so governance must move upstream When lending, payouts, wallet balances, insurance offers, or treasury functions are embedded into a SaaS or marketplace, the customer experience is controlled by the platform. That means your risk controls must be API-native: eligibility, limits, dispute handling, disclosures, complaints, and monitoring can’t rely on branch-era processes.

Business impact

Cost & efficiency: embedded distribution can lower acquisition costs—but only if onboarding, KYC/consent, and monitoring are standardized and automated.
Speed & adaptability: partner channels can scale quickly; institutions with strong “partner operations” win time-to-market without taking unmanaged risk.
Risk & resilience: weak partner governance becomes a direct path to consent orders, customer harm, and fraud escalation. (Banking Dive)
Revenue & differentiation: the durable upside is open finance + embedded finance together—permissioned data sharing that enables better underwriting, personalized offers, embedded protection, and treasury tools.

CXO CTAs

Treat embedded finance like a line of business, not a partnership: create a dedicated “Partner Risk & Operations” capability with clear accountability, SLAs, monitoring, and audit evidence. (Regulators emphasize bank accountability even with third parties: FDIC)
Standardize partner onboarding as a governed pipeline: due diligence, contract controls, complaint handling, dispute workflows, marketing approvals, and ongoing performance monitoring as reusable patterns—not bespoke deals. (Interagency statement)
Build open finance primitives now: consent capture, purpose limitation, revocation, and data provenance—because the commercial future of embedded distribution depends on trusted data flows. (UK direction: FCA)
Design for regulatory divergence: architect routing and controls so you can run open finance obligations differently by region (UK/EU momentum vs US uncertainty). (Reuters — CFPB rule blocked)
Measure the right risk KPIs: partner-driven complaint rates, unauthorized transaction rates, dispute SLA adherence, fraud loss per partner, and “time-to-contain” incidents—these will matter more than partner GMV.

What you’ll see in Part 2 (the consequences + the rebuild):

Deposit displacement: BNPL + wallets + platform checkout shifting the “spend moment” away from banks
Insurance at the point of intent: embedded, on-demand, and parametric products becoming mainstream
The prevention fee economy: insurers monetizing “predict-and-prevent,” not just payout-after-loss
Fraud at industrial scale: scams, deepfakes, mule networks, and synthetic identities driving outcome-based enforcement
Trust becomes cryptographic: provenance and post-quantum urgency moving from roadmap to execution
Identity becomes the perimeter: non-human identity governance and agent-era authorization controls
The operating system underneath: resilience engineering + modernization foundations that make “governed execution” real

Part 2 is the playbook—how BFSI leaders build machine-speed execution with audit-grade trust, before the next shock chooses the winners.