Compliance is the product, not a checkbox.
Card-network-ready underwriting, AI-powered transaction monitoring, and a documented program your acquirers can audit. We treat compliance as core infrastructure.
PCI DSS Level 1
Card data is processed within a PCI DSS Level 1 certified environment and never traverses our infrastructure unencrypted. Our control plane is governed by a SOC 2 program currently in progress.
KYC & KYB
Every applicant passes structured identity verification, business-registration validation against authoritative sources, and beneficial-owner attestation aligned with FinCEN customer due-diligence guidance.
OFAC & sanctions
Continuous screening against OFAC SDN, UN, EU, and HMT consolidated sanctions lists, with adverse-media monitoring on principals and entities. Re-screening runs nightly and on-demand.
AML & transaction monitoring
Real-time AI-powered monitoring with vertical-aware baselines, velocity controls, and structured case management. Suspicious-activity escalation paths are documented and audited.
Restricted-business policy
We do not onboard businesses on Visa BRAM or Mastercard BAU lists, or those engaged in prohibited activities defined in our Acceptable Use Policy. Reviews include vertical-specific licensing checks where applicable.
Audit & retention
All onboarding decisions, risk events, and reviewer actions are logged with immutable timestamps and retained for the periods required under applicable regulations and card-network rules.
Operating against published standards.
Our program is structured against PCI DSS v4.0, NIST CSF 2.0, FinCEN customer due-diligence guidance, and the operating rules of Visa, Mastercard, American Express, and Discover. We coordinate with our acquiring partners on category-specific obligations including BRAM, BAU, and high-risk MCC supplemental requirements.
Ready to talk?
Tell us about your business. We'll respond with a structured underwriting preview and a path to integration within two business days.