The Crews Bank app ships under a legacy Android package id, com.wauchulastatebank.grip, that gives away the bank's history. Wauchula State Bank — chartered in Hardee County, Florida in 1929 — rebranded as Crews Bank & Trust on 22 September 2023 after folding Englewood Bank & Trust, Charlotte State Bank & Trust and a smaller Arcadia-based Crews Bank & Trust into a single state-chartered commercial bank (per the FDIC institution record, certificate 8021). Today the consolidated bank runs 19 Florida branches and a Zelle-equipped mobile portal aimed at personal and small-business customers. None of that changes the integration question, but it shapes the engineering: there is one app, one current schema, and four legacy account-number formats still showing up in older statements.
Data the portal actually holds
The app description and Crews's own personal/business mobile-banking pages line up cleanly on what surfaces are exposed to an authenticated member. Each row below names the in-app surface a member can see, where it lives in the portal, the granularity that comes back, and what an integrator typically does with it.
| Domain | In-app surface | Granularity | Common use |
|---|---|---|---|
| Account list & balances | Accounts dashboard, including aggregated external accounts | Per-account current and available balance, account type, masked number | Cash-position dashboards, ledger sync |
| Transaction history | Account detail with member-added tags, notes, receipt photos | Per-line date, description, amount, posted/pending flag, optional tag/note/photo | Bookkeeping export, expense categorization |
| Monthly statements | Statements section | PDF per cycle, downloadable; older PDFs may carry pre-2023 brand | Year-end packs, audit trails, lender requests |
| Internal & external transfers | Move money | Source/destination, amount, scheduled date, recurrence rule | Sweep automation, treasury workflows |
| Zelle P2P | Pay a person via Zelle | Outbound and inbound P2P records keyed on phone/email, status | Receivables reconciliation |
| Mobile check deposit | Deposit checks (front/back capture) | Deposit timestamp, amount, hold status, check images | Deposit-day reporting, image archival |
| Card controls | Debit card section | Card on/off toggle, reorder events | Fraud-response automation |
| Alerts | Notifications & thresholds | Balance/transaction triggers, channel, recipient | Telemetry into a wider monitoring system |
| Branch & ATM finder | Locations | Static directory of the 19 branches plus ATM network | Customer-facing geocoded data |
Two of these rows carry the unusual surface area worth flagging up front. The app's "aggregate all of your financial accounts" view (per its Play Store description) means the member's view inside Crews Bank already contains balances pulled from other banks and credit unions through an aggregator partner — those records carry a different provenance than Crews-issued ones, and an integration consumer should be able to tell the two apart. And tags, notes, and receipt photos attached to transactions are member-generated metadata that lives on Crews's servers; they are part of the data the member can authorize a third party to read.
Routes to the data, and which one we'd actually run
We will name only routes that actually work for a small US community bank. There is no US regulated AIS regime in force today (see the data-rights section below), so the choice is between consent-led routes:
Route A — Member-authorized interface integration
The bank's mobile and web portals share a back end. With the account holder's written authorization, we instrument the actual session a member would run — login, MFA, account list, statement query, transfer history — and produce a clean client library that an integrator can call. Reachable surface: the full domain table above. Effort: about 1–2 weeks for a single account type. Durability: stable across normal portal releases; sensitive to occasional front-end refreshes, which we account for in maintenance. This is the route we would recommend for Crews Bank in almost every engagement; the consolidated charter and small institutional size make it both the practical and the dependable choice.
Route B — Native member export, where it exists
Crews's portal already supports member-initiated statement PDF download and on-screen export of recent activity. Where the integration job is one-shot — say, a year of statements for a loan application — we can build around the export rather than around the live session. Reachable surface: statements, recent transactions. Effort: a few days. Durability: very high, because exports change slowly. Limitation: no real-time view and no card or Zelle controls.
Route C — Aggregator-style consent flow on top of Route A
For software that needs to onboard many Crews members rather than one, we wrap Route A in a consent broker — a small web flow that takes the member through a Crews login, captures explicit scope (read-only, what to read, for how long), and stores a refreshable session token bounded by that scope. This is closer in shape to an AIS handshake without being one; the legal basis is still the member's contract with Crews, not a regulatory mandate.
What lands in your repo
Whatever the route, the delivered artifact is the same kind of thing — runnable code and the documents needed to run it in production:
- An OpenAPI 3.1 specification covering the endpoints we actually exercise — accounts, transactions, statements, transfers, Zelle, deposits, card controls.
- A short protocol & auth-flow report: how the Crews session is established, how it refreshes, where MFA sits in the path, what cookie / token state has to be carried, and the failure modes.
- Runnable source in Python and Node.js for the endpoints above, with a thin client class, pagination helpers, and a normalization layer that flattens the aggregator-sourced records into a consistent schema.
- Automated tests against a consenting account or a sponsor sandbox arranged during onboarding — golden-path tests on real responses plus contract tests pinned to schema fingerprints.
- An interface document the team can hand to engineering and compliance — fields, allowed values, retention guidance, and a section specifically on the consolidated-charter quirks.
If you'd rather not host the integration yourself, the same code runs behind our pay-per-call endpoint and you call it instead.
A sketch of the auth and statement flow
Illustrative only — exact field names and the cookie / header shape are confirmed during the build against a consenting account. The point of showing this is the rough shape of the work, not a copy-pasteable client.
# crews_client.py — sketch, not a final SDK
from crews_session import ConsentedSession
s = ConsentedSession.from_member_grant(
grant_id="grant_2026_05_abcd", # signed scope from the consent flow
scopes=["accounts:read", "statements:read", "transfers:read"],
)
# 1. Account list — includes Crews-issued and aggregated sub-accounts
accounts = s.get("/v1/accounts").json()
for acct in accounts["items"]:
is_aggregated = acct["origin"] != "crews" # external aggregator vs Crews
print(acct["mask"], acct["available_balance"], is_aggregated)
# 2. Statement PDF for a Crews-issued checking account
stmt = s.get(
f"/v1/accounts/{accounts['items'][0]['id']}/statements",
params={"cycle": "2026-04"},
)
pdf_url = stmt.json()["statements"][0]["download_url"]
# 3. Transaction page with member-added tags/notes preserved
txns = s.get(
f"/v1/accounts/{accounts['items'][0]['id']}/transactions",
params={"from": "2026-04-01", "to": "2026-04-30", "include": "tags,notes,images"},
).json()
# Token refresh and rotation are handled inside ConsentedSession.
# Any 401 here means the member's grant lapsed — re-route to the consent flow,
# do not silently retry.Normalized output shape
The integrator-facing schema is flatter than what the portal returns. A trimmed example:
{
"account": {
"id": "crb_chk_5512",
"mask": "****5512",
"type": "checking",
"origin": "crews", // "crews" or "aggregator:<name>"
"legacy_brand": "wauchula_state" // null for post-2023 originations
},
"balance": { "current": 4280.12, "available": 4280.12, "as_of": "2026-05-29T12:00:00Z" },
"transactions": [
{
"posted_at": "2026-05-28",
"amount": -42.10,
"description": "ZELLE TO A.SMITH",
"channel": "zelle",
"member_tag": "rent_share",
"member_note": "May utility split",
"receipt_image_ref": null
}
]
}US data-rights status, in plain English
For a US community bank, there is no equivalent of the UK Open Banking or Brazil Open Finance lane that we can simply plug into. The closest thing on the horizon is the CFPB Personal Financial Data Rights rule under §1033 of Dodd-Frank — but that rule is not in force. The Bureau finalized it in October 2024, a federal court enjoined enforcement, the case has been stayed, and on 22 August 2025 the CFPB published an Advance Notice of Proposed Rulemaking saying it intends to reconsider the rule. As finalized (since stayed) the obligations were sequenced by asset size, so even a settled version of §1033 would land on the largest banks first; a 19-branch Florida community bank is a long way down that list.
What that means for this engagement: §1033 is described here as a future state worth tracking, not as present-tense law the integration relies on. The basis we ride is the account holder's own authorization to access their own data and to delegate that access — captured in a written consent record, scoped to specific data domains, time-bound, and revocable. We log every call against that grant, minimize stored data to what the scope allows, and keep an NDA in place where the client's downstream use needs one.
Engineering choices specific to this bank
Four things make Crews different from the average US community-bank build, and we address them in the design rather than discover them mid-flight:
- Legacy package id. The Android app is published as
com.wauchulastatebank.grip, not under a Crews-branded namespace. We pin certificates and store-listing references against that real id, and the OpenAPI artifact names stay consistent with it, so a consumer's CI doesn't accidentally fetch a sibling Florida bank's bundle. - Four legacy charters in one schema. Wauchula State Bank, Englewood Bank & Trust, Charlotte State Bank & Trust and the previous Arcadia-based Crews Bank & Trust folded into the current institution in September 2023. Older statement PDFs and a small number of older account-number patterns still surface the prior brand. We add a normalization step so the integrator sees one schema, with a
legacy_brandfield for records that originated under a previous name. - Aggregator records mixed into the member view. The "single view" of accounts from other banks and credit unions is fed by an account-linking partner inside the portal. We mark those rows as aggregator-sourced rather than Crews-issued, so a consumer can ingest both, or only the Crews slice.
- Consent-refresh cadence. Sessions on the portal time out faster than a typical batch job assumes. The sync is designed around that window — long polls are broken into short authenticated calls, and we monitor the portal release notes so the parser is refreshed before the next front-end roll-out catches the live integration.
The visible surface — screenshots from the listing
These are the public Play Store screenshots for the app, shown here as evidence of what the authenticated portal looks like and where each data domain sits in the UI. Click any tile to expand.
How this mapping was put together
The app description was read against Crews's own personal and business mobile-banking product pages, the FDIC institution record was checked for charter and certificate, the consolidated history was confirmed from Crews's news pages on the 2023 rebrand, and the regulatory framing was checked against the CFPB's own reconsideration page on §1033. Specific sources cited:
- Crews Bank & Trust — Personal Mobile Banking product page
- Crews Bank & Trust — 2023 rebrand and three-charter consolidation announcement
- FDIC BankFind — institution details, certificate 8021
- CFPB — Personal Financial Data Rights Reconsideration
Mapping put together by the OpenBanking Studio integration desk, May 2026.
Other Florida-region apps with a similar data shape
An integration consumer who needs Crews data often needs the same domains out of a peer bank in the same footprint. The names below are listed for ecosystem reference, not as competitors and not as a ranking — each one holds broadly the same kind of authenticated member portal:
- Seacoast Bank — Florida-headquartered community bank with a near-identical account/statement/Zelle surface.
- Centennial Bank — multi-state community bank (Home BancShares) with a Florida footprint and a comparable mobile portal.
- SouthState Bank — Southeast regional with a more elaborate small-business and treasury surface.
- Amerant Bank — Miami-based community/regional bank with bilingual statement formatting.
- BankUnited — Florida regional with a larger business banking surface.
- First Horizon Bank — Southeast regional with treasury-management extensions on top of the same retail surfaces.
- Synovus Bank — Southeast regional, joint personal/business mobile app.
- Climate First Bank — St. Petersburg-based, digital-first Florida community bank.
Questions a Crews Bank integrator actually asks
Can the third-party balances aggregated inside the Crews Bank app — accounts the member has linked from other banks and credit unions — be exposed through the same integration?
Yes, when the member consents. The aggregation view inside the app is fed by an account-linking layer; we map that view as one feed and surface each linked institution as a sub-account, with a flag that marks which records come from Crews itself versus an external aggregator. A consumer of the integration can ingest both, or only the Crews-issued slice.
Do personal and business sessions follow the same authentication path?
They share the same login surface but the post-auth surfaces diverge — business accounts expose entitlements (multi-user roles, ACH origination, positive pay) that personal accounts do not. We scope the build to one of the two and document the schema differences for the other so a follow-on engagement can extend it.
Are legacy Wauchula State Bank or Charlotte State Bank account numbers still present in the data?
Sometimes, in older statement PDFs and in the package id (com.wauchulastatebank.grip) itself. After the September 2023 consolidation, live records use the unified Crews account format, but pre-merger statements can still carry the old branding. We add a normalization step so the integrator gets one schema regardless of which legacy system originated the record.
Does CFPB Section 1033 obligate Crews Bank to publish standardized data access today?
As of this writing, no. The CFPB Personal Financial Data Rights rule was finalized in October 2024 but has since been enjoined by a federal court and reopened by the Bureau for reconsideration; even as finalized it sequenced the largest covered persons first, and a 19-branch Florida community bank would not be in any near-term tranche. The dependable basis for accessing the data is the account holder's own authorization.
App profile — neutral recap
Name: Crews Bank. Package id: com.wauchulastatebank.grip. Publisher: Crews Bank & Trust (the consolidated successor to Wauchula State Bank, Englewood Bank & Trust, Charlotte State Bank & Trust, and the previous Arcadia-based Crews Bank & Trust, as of 22 September 2023). Platforms: Android and iOS. Footprint: 19 Florida branches per the bank's own pages. Member features (per the listing): account aggregation across banks and credit unions, transaction tags/notes/receipt photos, balance and activity alerts, P2P payments via Zelle, internal and external transfers, mobile check deposit, debit-card on/off and reorder, statement view/download, branch and ATM locator. Authentication: credentials plus a 4-digit passcode, with fingerprint or face biometrics on supported devices; enrollment in the bank's online banking is a prerequisite for using the app.
If any of this matches what you need from Crews Bank, the engagement is straightforward — give us the bank as the target and what data you want out of it, and we handle access, sandbox, and the written authorizations with you. The deliverable is the runnable source plus the OpenAPI spec, tests, and interface documentation, priced from $300 and paid only after delivery once you are satisfied; alternatively, the same integration lives behind our pay-per-call endpoint with no upfront fee. A typical Crews build takes one to two weeks. Open a project on /contact.html and tell us what you need.