Key Takeaways
- Connecticut's commercial financing disclosure law creates new documentation burdens that ripple directly into MCA underwriting workflows and bank verification processes.
- Lenders who rely on phone-based or manual verification face compounding compliance risk as state-level disclosure mandates multiply across jurisdictions.
- Asynchronous, recorded bank verification creates timestamped audit trails that satisfy disclosure and transparency requirements by default.
- The convergence of New York's proposed MCA criminalization bill and Connecticut's disclosure mandate signals a regulatory acceleration that demands proactive compliance infrastructure.
- MCA underwriting best practices in 2026 require treating every verification touchpoint as a potential compliance artifact, not just an underwriting step.
State Disclosure Mandates Are Rewriting MCA Underwriting Rules
Connecticut's commercial financing disclosure requirements are no longer theoretical. As the law moves toward enforcement, MCA lenders and funders operating in or originating deals into the state face a straightforward question: can your current underwriting process produce the documentation regulators expect to see? For most, the honest answer is no. The gap between how MCA underwriting best practices are described on paper and how they actually function inside a typical shop is widening, and disclosure mandates are the pressure that exposes it.
This matters right now because Connecticut is not acting in isolation. New York's proposed bill to criminalize certain MCA structures is moving through the state Senate, and Virginia already tracks 229 registered MCA providers with its own compliance expectations. The regulatory direction is clear: states want receipts. They want evidence that lenders disclosed terms, verified merchant financials accurately, and maintained records that can withstand scrutiny. The underwriting process is where all of this starts, and bank verification is the single step where documentation either exists or it doesn't.
This article breaks down what Connecticut's disclosure framework demands from MCA underwriting workflows, where traditional verification methods fall short, and how lenders can turn compliance overhead into an operational advantage.
What Connecticut's Disclosure Framework Actually Requires
The Scope of Disclosure for MCA Providers
Connecticut's commercial financing disclosure statute, modeled partly on California's SB 1235 framework, requires providers of merchant cash advances, among other commercial financing products, to present standardized disclosures before a transaction is consummated. These disclosures include the total amount of funds provided, the total cost of the financing, the estimated term, the payment frequency, and a description of prepayment policies. For MCA specifically, the law requires an estimated annual percentage rate, a calculation that has historically been contentious in the revenue-based financing space.
What makes this relevant to underwriting is the chain of evidence. Regulators don't just want to see that a disclosure was generated. They want to verify that the disclosed terms were based on accurate financial information about the merchant. If a lender discloses an estimated daily remittance amount based on stated revenue, but the bank verification process that confirmed that revenue was a phone call with no recording and no documentation, the disclosure itself becomes suspect. The Connecticut General Assembly's legislative record makes clear that enforcement will focus on whether disclosures reflect genuine underwriting diligence, not just pro forma compliance.
The Documentation Chain Starts at Bank Verification
Every MCA deal begins with some form of bank verification. Whether a lender reviews PDF statements, logs into a merchant's banking portal via screen share, or relies on data aggregation tools, the output of that step feeds directly into pricing, term structure, and disclosure calculations. Connecticut's law doesn't prescribe how bank verification must happen. It does, however, create a regulatory environment where the absence of verification documentation raises questions about the accuracy of everything downstream.
Consider a practical scenario. A funder prices a $50,000 advance based on a merchant's average daily balance and deposit volume, verified during a live phone call where an underwriter walked the merchant through their RBC or TD portal. The disclosure form shows an estimated APR of 38%. Six months later, the merchant defaults and alleges the terms were misrepresented. The funder's defense depends on demonstrating that the financial data underpinning the disclosure was verified accurately. Without a recording, a transcript, or any artifact from that verification call, the funder is relying on an underwriter's notes and memory. That is not a defensible position in 2026.
Multi-State Compliance Pressure Is Compounding
Connecticut is one front in a broader regulatory push. California's disclosure regime has been active since 2022. Virginia requires MCA provider registration. Utah has its own commercial financing rules. And as we covered in our analysis of Connecticut's commercial financing bill and its compliance implications, the trend is accelerating rather than plateauing.
For lenders operating across state lines, which is most of them, the compliance question isn't about one state's rules. It's about building verification and documentation infrastructure that satisfies the most demanding jurisdiction by default. A process that works in Connecticut should exceed what Virginia requires. A process that generates timestamped, immutable verification records should hold up in any state. The alternative is maintaining different verification protocols for different states, which is both operationally expensive and error-prone.
Where Traditional Verification Methods Break Down Under Disclosure Rules
Live Verification Calls Produce No Compliance Artifact
The standard MCA bank verification process in many shops involves an underwriter calling the merchant, asking them to log into their online banking portal, and walking through account balances, transaction histories, and deposit patterns in real time. This method works for the immediate underwriting decision. It does not work for compliance documentation.
Live calls are ephemeral. Unless the call is recorded, and many aren't due to consent and logistics challenges, the only evidence that verification happened is whatever the underwriter typed into a CRM or spreadsheet. Regulators reviewing a file months or years after funding won't accept "underwriter confirmed balances looked good" as verification evidence. They need to see what was verified, when it was verified, and ideally, exactly what the merchant's banking portal displayed at the time of verification.
PDF Bank Statements Are Increasingly Unreliable
Some lenders bypass live verification entirely and rely on uploaded PDF bank statements. This approach has its own well-documented problems. PDF manipulation tools have become sophisticated enough that altered statements can pass visual inspection. Even when lenders use document analysis software, the gap between a manipulated PDF and a genuine one has narrowed to the point where AI document verification catches discrepancies that traditional checks miss, but no system is infallible against every forgery technique.
More critically for disclosure compliance, a PDF statement is a static snapshot. It doesn't prove the merchant actually holds the account, that the statement wasn't generated from a template, or that the data matches what the merchant's live banking portal shows. Connecticut's disclosure framework doesn't explicitly require live verification, but the evidentiary standard it creates strongly favors methods that produce richer, more tamper-resistant documentation.
Open Banking APIs Don't Cover Every Merchant
Data aggregation platforms offer programmatic access to bank transaction data, and they're valuable tools in the underwriting stack. They also have limitations that matter for MCA specifically. Coverage gaps exist, particularly among smaller community banks and credit unions that many small business merchants use. Connection reliability varies. And most importantly, API-sourced data doesn't produce the kind of visual, contextual evidence that demonstrates a merchant's banking relationship to a compliance reviewer.
An API pull shows transaction data in a spreadsheet or JSON format. A recording of a merchant navigating their own banking portal shows the same data in context: the account holder's name, the institution's interface, the login session, the navigation path. For disclosure compliance purposes, the latter is substantially more persuasive.
Turning Compliance Requirements Into Workflow Advantages
The fundamental insight for MCA lenders adapting to disclosure mandates is that compliance documentation and underwriting verification can be the same activity, if the verification method produces durable artifacts by design.
Asynchronous bank verification, where a merchant records their own banking session at their convenience and submits the recording for underwriter review, accomplishes this. Every verification session becomes a timestamped video record of what the merchant's banking portal displayed, when they recorded it, and exactly which accounts and transactions were visible. This isn't a supplementary compliance step layered onto the existing process. It replaces the live call and generates stronger documentation simultaneously.
Exact Balance was built around this principle. When a lender sends a verification request through the platform, the merchant receives a secure link, records their banking session directly in their browser with no software installation required, and submits the recording. The lender's underwriting team reviews the recording on their own schedule, verifies the financial data, and marks the request as complete. The recording, the activity log showing when the link was opened and the recording started, and the completion timestamp all persist as compliance artifacts.
For Connecticut's disclosure requirements specifically, this means the financial data underlying every disclosure calculation has a verifiable source. If a regulator asks how a lender determined the merchant's average daily balance, the answer isn't a note in a CRM. It's a video recording of the merchant's banking portal showing exactly that balance, recorded on a specific date and time, stored securely with a full audit trail.
This approach also scales across jurisdictions without modification. The same verification recording that satisfies Connecticut's disclosure evidence requirements works equally well for New York Department of Financial Services inquiries, Virginia registration audits, or California disclosure reviews. One workflow, every state covered.
Frequently Asked Questions
What does Connecticut's commercial financing disclosure law require from MCA lenders?
Connecticut requires MCA providers to present standardized disclosures including total funding amount, total cost, estimated term, payment frequency, prepayment policies, and an estimated annual percentage rate before finalizing a transaction. The law also creates an implicit expectation that the financial data underlying these disclosures was verified through a documented, defensible process. Lenders should ensure their bank verification methods produce artifacts that can demonstrate the accuracy of disclosed terms if questioned by regulators.
How does bank verification documentation affect MCA compliance?
Bank verification is the foundational step that generates the financial data used to calculate disclosed terms like remittance amounts and APR estimates. If verification produces no durable documentation, the entire disclosure chain becomes vulnerable to challenge. Recordings, timestamps, and activity logs from verification sessions serve as evidence that the lender's disclosed terms were based on accurately verified merchant financials, not estimates or unverified self-reporting.
Can asynchronous verification replace live verification calls for compliance purposes?
Yes. Asynchronous verification, where the merchant records their banking session independently and submits it for review, actually produces stronger compliance documentation than live calls. A live call typically generates no recording and relies on underwriter notes. An async recording creates a timestamped video of the merchant's live banking portal, a complete activity log, and secure cloud storage. This evidence is more persuasive to regulators and auditors than any manual documentation of a phone conversation.
Which states currently have commercial financing disclosure requirements that affect MCA lenders?
As of 2026, California, Connecticut, New York, Utah, and Virginia all have some form of commercial financing disclosure or registration requirements that affect MCA providers. New York's legislature is also considering a bill that would extend criminal usury statutes to merchant cash advances and similar products. The regulatory trend is clearly toward increased transparency and documentation requirements, making robust verification infrastructure a strategic necessity rather than a nice-to-have.
Conclusion
Connecticut's disclosure mandate is not an isolated compliance checkbox. It's part of a sustained regulatory shift that will define which MCA lenders can operate confidently across jurisdictions and which ones carry unquantified legal risk in every funded deal. The lenders who build verification workflows that produce compliance-grade documentation by default, without adding steps or overhead, will have a structural advantage.
Exact Balance turns bank verification into that kind of workflow. Every verification request generates a timestamped recording, a complete activity log, and secure storage that satisfies the most demanding disclosure evidence standards. No scheduling, no manual documentation, no compliance gaps. Visit exactbalance.ca to see how asynchronous verification fits into your underwriting and compliance workflow.