- PCI DSS Level 1
- Annual on-site assessment, quarterly ASV scans — small-business merchants inherit the posture without per-merchant audit cost.
- NACHA & ACH mandates
- Mandate evidence captured at sign-up for recurring ACH payment; per-cycle retry calendar handles NSF / R-code returns.
- Sanctions & AML alignment
- Sanctions screening on onboarding; AML monitoring scaled to merchant volume and vertical.
- Card scheme programme tracking
- Visa VDMP / VAMP / VFMP and Mastercard ECP / EFMP thresholds tracked per merchant; the dashboard surfaces position vs limit.
- Vault tokenisation
- Card data never lands in the merchant's systems; refunds, retries and recurring run on vault tokens.
- Licensed verticals only
- Licensed and regulated small-business verticals supported; grey and black-market verticals are out of scope regardless of integration shape.