- PCI DSS Level 1
- Vault, switch and tokenisation are PCI DSS Level 1 service-provider components; sub-merchants inherit the posture across every rail.
- AML & sanctions alignment
- Sanctions screening on onboarding; AML monitoring tuned per merchant vertical and per rail (voucher / bank-slip / stablecoin volumes are watched differently).
- FATF Travel Rule (crypto)
- Stablecoin rails delivered via licensed partner crypto gateways with VASP / MiCA-relevant authorisations; Travel Rule compliance sits with the partner.
- Rail-specific compliance
- Voucher rails (paysafecard etc.) inherit the issuer's own KYC / AML posture; bank-slip rails follow local financial-services rules.
- Audit-grade event log
- Every payment lifecycle event — issued, viewed, cleared, refunded, disputed — logged with actor identity, timestamp and rail-specific reference IDs.
- Licensed verticals only
- Licensed gaming, regulated financial services and other compliance-bound verticals supported only where current operating licences exist. Grey and black-market verticals are out of scope regardless of rail.