The Central Bank (BC) took a new step this Friday (28) to restrict the use of so-called pocket accountsan instrument that brings together resources from several users in a single account, without individual identification of the holders.
Common on e-commerce platforms, the instrument started to be used by criminal organizations to hide financial operations and launder money.
When regulating the outsourcing of banking services in the Banking as a Service (BaaS) model, the BC made it clear that accounts opened, maintained or closed through this system must have individual ownership and can only be operated by the end customers themselves.
The practice of pocket accounts, according to the organization, was never permitted.
“From our point of view, pocket accounts are an irregular practice. Now, we are making it clear that each account needs to have its owner identified and be operated only by that person”, stated the BC Regulation director, Gilneu Vivan.
The measure reinforces the determination published at the beginning of the month, which forced financial institutions to close irregular accounts with pocket characteristics.
The BaaS regulation comes into force immediately, but existing contracts may be adapted until December 31, 2026. Approved on Thursday (27) by the National Monetary Council (CMN), the Joint Resolution 16/2025 it was only explained this Friday (28) by the Central Bank.
Organized crime
In recent months, federal investigations have revealed the use of this type of account by criminal factions. Operations such as Carbono Oculto and Poço de Lobato showed schemes that used fintechs, investment funds and concentrator accounts to mask transactions and move illicit resources.
According to Vivan, BaaS regulation had been under review for months, but gained weight in the face of growing risk.
“The standard increases transparency and improves the security of the financial system,” he said.
Pocket accounts were not always used for illegal purposes. E-commerce platforms used pocket accounts in their name to collect money from customers, later transferring the funds to stores or individuals selling the goods.
Reinforced responsibilities
The new regulatory framework also clarifies the responsibilities of institutions involved in the BaaS model. This system allows non-financial companies to offer services such as digital accounts, payment methods and credit to their customers through the infrastructure of a bank or payment institution.
Based on the standard, final responsibility for operations always remains with the institution authorized by the BC, even when services are completely outsourced. “You can delegate services, but not responsibility,” Vivan emphasized.
The new regulations include “know your customer” procedures, anti-money laundering and mandatory communications to the regulator. The rules also cover corporate governance, risk management, internal controls, security requirements, conduct and information transparency.
Single provider
The BC determined that a company can only contract accounts via BaaS with a single financial institution per type of account. Thus, a company may have a bank for a deposit account and a payment institution for a payment account, but not two providers for the same modality.
In addition to accounts, the regulation covers services such as Pix, direct debit, bank slips and credit granting. Left out, for now, are eFX services (international payments and transfers), sub-accreditation (participant in the payment arrangement that enables commercial establishments to accept a payment instrument issued by a payment institution or financial institution) and payment transaction initiators (ITPs), which will be discussed in the future.
Transparency
The standard requires customers to clearly know which financial institution is behind the services offered. Data on operations must be available to the BC and legally authorized bodies.
According to the regulator, the objective is to increase security for customers and institutions and reduce legal uncertainty, without compromising innovation in the sector.
