Is two lender deposits in one week always stacking?

Not always. A merchant can take a legitimate second facility from a familiar lender. The signal is the pattern across the full statement set plus disclosure consistency, not deposit count alone.

How does Vyaso know which counterparties are lenders?

Through a maintained entity set covering MCA funders, fintech lenders, factors, and known platforms. The set updates with the engine, not per file.

Can a merchant hide stacking by routing through a personal account?

Personal-to-business movement triggers a separate kiting signal. Stacking that lands in personal accounts and transfers in often surfaces through both flags at once.

Does this depend on the parser used upstream?

No. The loan-stacking layer reads the structured transactions regardless of source: Ocrolus, Heron Data, Validis, or Vyaso's own parsing of raw PDFs.

Category · Patterns

How loan stacking actually shows up in a bank statement

Multiple lender deposits in a short window is the textbook signature. The patterns underwriters are missing in 2026 are subtler than that.

Vyaso underwriting team · PatternsMay 9, 2026576 words · 3 min read

Key takeaways

The textbook signature (two named lender deposits in a short window) catches the careless cases.
Sophisticated stacking disguises lender deposits as platform payouts, customer ACH, or factor settlements.
Fragmentation across accounts and across days is the second most common pattern in 2026.
The detection that worked five years ago is keyword-only. What works now is counterparty resolution combined with timing and amount analysis.
Vyaso's loan-stacking layer surfaces the textbook cases and the disguised ones in the same pass.

The textbook case

Two deposits arrive in a single week. The descriptions contain the word "FUNDING" or carry a known funder's name (QUICKFUND CAPITAL, VELOCITY LENDING, KAPITUS, ON DECK). The amounts are round, the timing is suspicious, and any underwriter who has seen ten files knows what they are looking at.

This case still happens. It accounts for the easy half of loan-stacking detection, the half that ten-year-old keyword rules still catch. The harder half is the rest of this post.

Disguise pattern 1: platform-mimicking descriptions

An MCA funder who wires money to the merchant has incentive to make the deposit look ordinary. The description on the ACH or wire is something the originating bank does not validate. A funder operating under "BLUE OAK FINANCIAL" can describe the deposit as "BLUEOAK PAYOUT," and to a keyword-based detector that reads more like a delivery-platform settlement than a lender wire.

The give-away is not the description. It is the counterparty entity. A real platform settles thousands of merchants every week. A disguised lender settles a handful. Counterparty resolution against historical platform signatures separates the two.

Disguise pattern 2: fragmentation across accounts

A merchant with three operating accounts can split a single funding round across all three. Each account shows one deposit, well-spaced from the next. None of the three individual statements trip a same-window-multiple-lender flag.

This is the pattern most often missed by single-account analysis. It requires reading the merchant's full bank picture, including any account the merchant did not voluntarily submit. The detection signal is consistency of amount and timing across accounts, not concentration within any one account.

Disguise pattern 3: factor company channels

Freight factoring is a legitimate financing channel for trucking businesses. Factor companies (Triumph, RTS, Apex, OTR) buy receivables and pay merchants up front. The deposits look superficially like lender wires.

Sophisticated stackers use this cover. A non-factor lender describes its wire to look like a factor settlement, and a keyword-based stacking detector trained on trucking files passes it through.

Industry-aware detection helps here. The transportation segment has a known set of factor entities; deposits from outside that set, described to mimic factor entries, are surfaced as candidates for stacking, not for factoring.

Disguise pattern 4: split-tranche funding

A 30,000-dollar funding round delivered as three 10,000 wires across a week, each described differently. Each wire individually fits within a benign deposit pattern; in aggregate they are a stacking event.

Detection here is statistical, not keyword-based. The signal is the joint distribution of amount, timing, and counterparty across the entire statement.

What Vyaso does

The loan-stacking layer reads the entire statement set, applies counterparty resolution against a maintained set of funder, fintech-lender, factor, and platform entities, and evaluates timing and amount jointly across accounts. Every flag carries a confidence figure and the specific deposits that contributed.

The underwriter sees a single line: "Loan stacking suspected (confidence 0.83). 2 lender deposits, 5 days apart." With one click into the flag, the deposits and the entity resolution are exposed.

What committee should ask

When the loan-stacking flag fires, the questions that should be asked at committee are not "is this fraud" but the following.

What confidence does the engine assign?
Which counterparties were resolved as lenders, and on what evidence?
Are the deposits across multiple accounts, or concentrated in one?
Has the merchant disclosed any active facilities?

The answers should be in the analysis. They are.

The detection that worked five years ago is keyword-only. What works in 2026 is counterparty resolution combined with timing and amount analysis across the merchant's full bank picture.

Related glossary terms

Loan stacking Account kiting Bank statement analysis Revenue confidence

Frequently asked

More from the blog

Why we re-weight instead of subtracting fraud

← Back to blog