Reg E, AML and other compliance requirements explained by Keith Raphael, Founder and CEO of Straddle

Konstantin Dubovitskiy
All right, and today as a guest speaker, we have Keith Raphael, CEO of Straddle. And this episode we're going to
talk about a lot of things, but mainly about the regulation in the payment space. Specifically, we're going to talk
about banking secrecy act, anti money laundering, Reiki, and processing payments for or actual individuals. It's a
very complex subject which involves a lot of legalities that I personally am not a huge fan of. Therefore I haven't
touched them before. But it's about time we do it. So, Keith, let's kick it off easy. Tell us about yourself and about
Straddle.
Keith Raphael
Hey, Constantine, thanks so much for having me. Yeah, quick background about my journey to date. So I'm a
payments lifer. I've spent the first half of my career deep in payment network compliance, risk, anti money
laundering, you name it. We found that this arcane knowledge is kind of hard to read for most folks building
compelling modern experiences. So we founded straddle in late 2023 to bring some of this important but obscure
knowledge into the product stack and really focusing on better, faster account to account or bank account
payments. So by bringing compliance as a default into our modern API stack, we have the goals and missions of
making bank account payments, ach, which is slow and unreliable, or instant payments, which are fast and scary.
As fast and reliable as the card networks.
Konstantin Dubovitskiy
Yeah, instant payments are fast and scary. Our previous episode was with product person from the Clearinghouse.
We're talking about the scary parts. She did not think so, but you know, everyone has their own opinions. Yeah, I've
seen some stuff happen in the industry. So let's move on and talk about the main subject of the episode today,
consumer transactions. So a lot of payments companies are. Not a lot, but a good chunk of them, especially the
younger ones, tend to stay away from the situations where they would hold the funds that belong to actual
individual customers. So for example, I can't think of a good example. Remittances, Right. You are sending your
friends in Kenya 100 bucks. There's a moment where throughout this whole process, the funds belong to you as an
individual, not a business.
Konstantin Dubovitskiy
A lot of companies will not do it specifically because the funds belong to you as an individual. So can you tell us a
little more about why is that? What's the complexity there and what's the major issue? What's the difference
between, you know, processing funds for a business versus an actual individual?
Keith Raphael
Yeah, and then we'll get into maybe the international remains a bit later as we talk more broadly about FinCEN AML
and BSA. But I, you know, I, I think foundationally consumer payments are broadly regulated by something called
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
1 / 16
Reg E. So Reg E under the Electronic Funds Transfer act is essentially a consumer bill of rights for account based
payments. It sets duties for disclosures, error resolution and mechanisms secure unauthorized transfers on
consumer accounts. I think it's important to note, as you allude to, when we say electronic funds transfer, we're
specifically talking about things like ach, debit cards, ATM and remittances. Broadly speaking, bank account
payments. Reg E, like you said, only applies to consumer transactions. B2B electronic funds transfers or are
subject to a broad array of regulations. But I think typically call it the UCC Commercial Code 4 is where that's
mostly handled.
Keith Raphael
And then credit cards, on the other hand, are really a debt instrument, right? So they're regulated under something
called Reg Z. So when we talk about this money movement, right, actual funds moving, not a line of credit, we're
looking at Reggie. And of course the protections that come with those payments. Right. So this matters because
especially in today's world, reggae is really the safety net that makes consumers have faith in the banking system
that their money is safe and if something goes wrong, that their bank has their back. So if something does go
wrong and the consumer files a dispute, a complaint, what have you, the institution has to investigate and correct
and then that trickles down. Right, Constantine, to the folks building or building an app or a wallet or money
transfer service, a marketplace. Right.
Keith Raphael
And so these builders need to have proper protocols in place to abide by reggae even if they're not directly
regulated by it. Because that kind of up a level at the FI level, which we can get into. All right.
Konstantin Dubovitskiy
We're definitely going to talk about trickling down and. Yeah, I mean, it's a standard situation where FIs are forced
to do a certain thing and then they force everyone underneath to do the same thing. It's how the payments industry
works. Fortunately or misfortunately enough. Let's talk about Reggie further. So you mentioned that, you know, it's
a safety net. How exactly is it a safety net? What exactly does it offer to me as an individual consumer? Why would
it give me some confidence in the banking system?
Keith Raphael
Yeah, so I think, you know, the scale of consumer transactions that are governed by reggae, these bank account
payments are, you know, in a dollar amount, dwarf the credit card network, which may be unintuitive to some. So
you know, ach today, plus debit cards, you know, it's a kind of the hidden engine of the economy. So I'll talk maybe
broadly about a few scenarios where Reggie does apply. Right. And then we can see how that maybe instills trust
in the system. I think fundamentally, the unfortunate most common one is, you know, when there's an unauthorized
ACH debit, what we mean by unauthorized is, you know, you wake up and you find, you look at your, your personal
finance app, your online banking, and you find $500 has been withdrawn from your bank account and you have no
idea who or what that is. Right.
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
2 / 16
Keith Raphael
So you'll see maybe a random name or a phone number in your account. You're not sure if that's due to fraud or
mistake, hopefully. So under Reg E, the consumer can report the unauthorized transfer to their bank and is then
entitled to a provisional credit while the bank investigates subsequently. The bank or perhaps provider, if you're in a
fintech, must ultimately cover the loss if it wasn't truly authorized. And Rendi kind of runs into the. In this scenario,
the NACHA rules as well, where NACHA has a set of operating procedures that merchants and originating banks
must follow. There's some overlap there, but you know, broadly speaking, it's regi. And regi is by the ordeal of law,
right. Says consumers have 60 days from the bank statement to report the issue. In practice, that's actually
extended. Right.
Keith Raphael
Because you can make an argument that I didn't see my bank statement or what have you. So in my experience,
we've seen and had to handle, Reggie, consumer disputes that are weeks and months and years, sometimes later.
Right. And if that's not properly authorized, the bank will actually attempt to claw back. So there's that safety, like,
oh, crap, my money has left my bank account. I need to pay my groceries, my bills, I've got a life to live. And the
bank kind of has to step up there. So I think that's obviously the key one. You then get into other scenarios like an
erroneous or duplicate debit. Right. Lack of a better term, shit happens sometimes you might be billed by your
electric company twice. Reg E applies to that, even if one was authorized.
Keith Raphael
And then further, there's things like stop payments if you cancel a service, or Reg E does come into play as well.
Konstantin Dubovitskiy
Interesting. All right, so Reggie, just to clarify, basically forces anyone who's interacting directly with a customer to
be responsible for covering the potential losses from a fraudulent transaction that they had initiated, correct?
Keith Raphael
That's correct. I want to maybe be clear. That customer, the consumer has initiated. Right. We had there's some
you know the current zeitgeist and instant payments is. It's actually not Reggie covered because they're consumer
initiated. Right. A lot of folks, there's a lot of debate about whether or not to change. So these are more like money
has been pulled from a consumer account. The bank has to step up. Okay.
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
3 / 16
Konstantin Dubovitskiy
All right. So it's both the essentially forcing the person or company interacting with the consumer to cover it while
the bank is investigating and the bank has to in fact investigate.
Keith Raphael
That's right. And that investigation can be like requesting the consent or the mandate. And to be frank, banks can a
lot of times banks just take the word of their customer and they attempt to claw it back from the merchant or the,
you know, the originating bank.
Konstantin Dubovitskiy
Yeah, yeah, indeed, most of the time. Which is.
Keith Raphael
Yes.
Konstantin Dubovitskiy
Leading me to the point of asking, is this the reason why some payments companies do not touch individuals?
Keith Raphael
Yeah, I mean I think that it could be a reason but you know, I think that's almost a cop out. Right. To be frank, you
know, at Strada we've built kind of this identity first risk based architecture and you know, our unauthorized or
Reggie claims I guess you could say against consumer accounts are like you know, sub three basis points. Right.
Where the nacho limit is 50 basis points. So I think it's more about, it's. There's this potential for building tail risk if
you do things the wrong way. But at the end of the day most folks are just trying to pay their bills and if you can
ensure that their information is secure and payments are authorized, it's not quite as scary as it seems. But you
know, with it's not just Reggie, it's also aml. It's who is this person?
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
4 / 16
Keith Raphael
Am I even allowed legally to be moving money for them? So I think as a. The entire picture makes it even, I think
more daunting for payments company that they'll rather just stick to B2B transactions where there's like a two day
window as opposed to 60.
Konstantin Dubovitskiy
Yeah, yeah. So there are a handful of risks associated with processing individual transactions or transactions for
individuals. And usually, I mean individuals do not process it nearly as much as businesses. So that's honestly a
sound strategy as well. In that case, let's talk about the broader scope of this, you know, implications of processing
money for actual individual consumers. Again, as I mentioned earlier, there is bsa, aml. Reggie. Well, Reg Z. Which I
was unaware of to be honest with you. So thank you for sharing that one.
Keith Raphael
Yeah. New rabbit hole for you.
Konstantin Dubovitskiy
Exactly. I'm not going down that just yet. At some point, perhaps, but not today. Not today, Keith. So let's talk about
bsa, ML and Regi and when do they actually kick in? Specifically you mentioned in your previous answer, which is,
you know, from a company perspective they have to actually think is it even legal for me to process this
transaction? Why would it not be? And what actually goes into this decision making.
Keith Raphael
Yeah, so maybe we'll put a cap in some of the reg E discussions. So reg E applies anytime a consumer account is
debit electronically. Reg E duties are in scope. Right. So that's the error. Unauthorized handling disclosures, et
cetera. That's just status quo. Right. Then you have the concept of the legality. Right. And if that's a fuzzy term, but
maybe I'll say anytime money is moved not just between a consumer account but any account, you're in scope for
bsaaml. So that's Bank Secrecy act and Anti Money Laundering rules, which is financial crime rules. These are
many and they are complex. But at the base level a lot of folks are probably familiar with like international
sanctions ofac things of that nature. Right. Are kind of the default like minimum that apply anytime money is
moved.
Keith Raphael
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
5 / 16
So there are then a litany of other anti money laundering provisions depending on if it's a cash deposit, if it's
electronic velocity and frequency. But I think the important thing to note is there's no such thing as being too small
for AML rules. Right. If you are a well to do fintech or payment processor or if you're Western Union and all of a
sudden you are intentionally are not sending remittances to cartels in Mexico or to North Korea. Right. That's a
bigger problem. So I think we might do well here to define two common and often conflated types of flow of funds.
Right.
Keith Raphael
I encounter a lot of folks in my day job who want to build a payments APP or a marketplace and the first thing they
do is go to FinCEN, which is the Department of Treasury Financial Crimes Enforcement network and they
immediately register as an MSB with FinCEN and they say hey, don't worry, we're covered, we're registered as an
msb. Unfortunately on its face that doesn't really do much and most companies actually aren't MSBs. So you have
MSBs or money service businesses.
Konstantin Dubovitskiy
Yeah.
Keith Raphael
That collect and then hold funds on behalf of consumers for things like a wallet or remittance or these more
complex payment flows. So once there's that, that pause or that hold money service business rules do apply. And
to actually abide by these rules, you'd have to register in every single state in the United States in the country. Here
in the U.S. of course, we don't make that easy and it's typically years and millions of dollars to do so.
Konstantin Dubovitskiy
When you say register in every state, do you mean register as a money service business or get your money
transmitter licenses in every state?
Keith Raphael
Yeah. So you register as a money service business at the federal level and then every state in which you wish to
operate or serve consumers in you must register with an mtl. Then again, there's some consortiums that make like
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
6 / 16
you could do a few at once. But it's typically very burdensome and complex. So the other side of money movement
that I think a lot of people don't realize is payment processing. Right. You know Constantine, if you set up an
automatic payment to like, you know, your gym or maybe for your car insurance or something like that, using your
bank account, FinCEN has carved out a payment processor exemption back in 2014 that allows that flow of funds
in which an entity is acting as like an agent of the payee to not be an MSB scope.
Keith Raphael
So while what that means for AML BSA is you still have to abide by the broad generic rules like sanctions and
ensuring that your clients, the merchants are well to do real businesses, but you don't have the same type of
velocity structuring all that more complex modeling as much. So it gets complicated. Right. So I think that the
important part is that Reggie is always applicable anytime money moves from a consumer account. And then the
scope or responsibilities of your AML BSA requirements depend on the nature of the underlying money movement.
Konstantin Dubovitskiy
Okay, let's talk about that just a tad when you're talking about those situations on this carve out from 2014, is there
a specific name for it by the way?
Keith Raphael
It's a legal, I would say a payment. I'm not sure, but it's called the FinCEN Payment Processor Exemption. And so
it's a, a memo from FinCEN calling out these. They're going to carve outs for payment processing versus money
service business.
Konstantin Dubovitskiy
Okay, interesting. Good to know new stuff has been learned. I hope people you are joining this because I sure am.
All right, let's talk about that a little bit more. This carve out is built specifically for companies that are processing
the payment for the individual, but not the funds that actually belong to an individual. So it's payments for like
services as you mentioned, like for gym membership. Right. Whereas when that those funds are being pulled from
my accounts, they go to the gym owner and those funds in fact belong to the gym owner. Is that what we're talking
about here?
Keith Raphael
Yeah, yeah, exactly. So I, I guess maybe I could tone up is not every company that facilitates the movement of
money or touches payments is a money transmitter. If you're a, let's call it a processor settling merchant
transactions. These pre authorized debits or card networks as well. Right. So if you're settling merchant
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
7 / 16
transactions through bank or card network flows, you're generally not MSB under this carve out the moment that
you hold or reroute customer funds outside that merchant settlement context. So again, wallets, P2P store value,
remittance, et cetera, you're back in MSB territory.
Konstantin Dubovitskiy
Gotcha. All right, that makes a lot of sense. In that case, I have a follow up question. On this account, find
transactions. If he pulls from debits, it is technically speaking account to account me to me. Transfers from user to
their own wallet. That by default kicks in the money transmitter requirements, correct?
Keith Raphael
Typically, yes. Based off the current flow of funds, you know you could get into some concepts where the
consumer is the originator. But I think in most use cases we see in the real world you're talking money service.
Konstantin Dubovitskiy
Mm, makes sense. Okay, lovely. By the way people, if you're ready for getting all this, I am taking notes. I'm going to
share the notes in the description of this episode so you can follow along. Plus there's going to be transcripts so
should be helpful to digest. Just to solidify all this, could you give us two examples of money flows where one is
considered to be money transmitter and the other one does not have to adhere to, does not have to have MTLs.
Empty states, two simple examples.
Keith Raphael
Yeah, true, you said does not have to have MTLs. I want to maybe talk about that a little bit of how we can enable
companies to not have MTLs due to some account structure at the sponsor bank level. But yeah, let's just talk
basically. So I'll give examples of two flows that we facilitate today at Straddle. One is a, excuse me, a let's call it a
tap to pay wallet type application in which a technology provider in a certain vertical, it's actually like nail salon,
something like that. Right. They have built an app on the App Store or Google Play Store that consumers can
download the app, they can connect their bank account via open banking and load money onto this wallet
construct. Right. That Money is actually held by Straddle at one of our partner banks. But it's a consumer wallet.
Right.
Keith Raphael
That consumer can then go to any store in the network and tap the pay with their phone and then Straddle remits
the money to the bank account. That would be technically money service business even. It seems like a payment
because there's that initial loading and holding of money. Right. And then later instructions to disperse. So that's
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
8 / 16
one again think of Venmo. Right? Very, very common. Right. So it's about that pause where MSB regulations
typically apply. Now the flip side is we have another client who is in. It's actually a SaaS platform who's built a
wonderful almost CRM for tuition management. So it's you know, daycares and karate studios and the, you know,
the parents of the, you know, the students or the kids that are attending these camps and gyms, they connect their
bank account to pay their monthly daycare bill.
Keith Raphael
So the money leaves, you know, Janet's bank account and it gets paid to Mike's Karate studio in one, you know, two
legged transaction. There's not a pause there. So that's a clear example of payment processing versus money
service business. I hope.
Konstantin Dubovitskiy
That does make sense. Yeah. Again, as long as we're thinking about storing value for an individual consumer, think
MSB MTL requirements, all the shindig, which is again why so many companies are staying away from it.
Keith Raphael
You know what, you mentioned KYC requirements.
Konstantin Dubovitskiy
As well and KYC requirements. You know what, before we get into the KYC and we will get there, let's talk about the
structure that you mentioned which is some payment service providers like Straddle offer a structure in which the
funds are flown through their sponsor banks that does in fact have a. Do they actually have MTLs? They don't have
MTLs, but they have the exception that they are a bank. They don't need to have MTLs because well, they're a bank.
Forgot the carve out that they have for it. First of all, can you tell us a little more about that carve out for banks?
Secondly, can you tell us briefly about how that structure looks like and when it actually applies?
Keith Raphael
Yeah, absolutely. And you know this has gained popularity in the last, I don't know, not even decade, maybe five
plus years. So I'll talk a little bit about this. So we've kind of defined that if you're going to be storing value, let's say
you're in money service business scope and you need licenses in every state that is nigh impossible for a startup
to accomplish.
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
9 / 16
Konstantin Dubovitskiy
Right.
Keith Raphael
So we've seen the popularity and the rise in an interesting account structure in which a technology company
partners with a regulated financial institution, a bank, to piggyback almost on the bank's regulatory coverage. This
is done via a special kind of bank account. Let's say that the fintech or the payment processor that will open in
partnership with their sponsor bank. This is called an FBO or for benefit of account. Right. What that means is the,
at the regulator level at like the occ, FDIC level, that bank account is owned by the bank. So they're their ein
essentially is on the bank account. The fintech holds money in there for benefit of their customers. So instead of
building your own vault, you essentially rent space in, in a bank's vault. Right.
Keith Raphael
So the funds are always under the bank's ownership for benefit of the fintech's end users and not on the fintech's
balance sheet. So this enables, so we should say, you know, banks are not money service business, they're banks.
You can get into the rules there, but I think that's just broadly speaking. So this enables fintechs to build complex
flow of funds without having to again go through the multi year process of registering. So this dramatically
reduces the immediate licensing burden at startups. And this is why so many fintech apps can, you know, operate
in all 50 states on day one. The bank's charter covers that activity.
Konstantin Dubovitskiy
Yes, FBO accounts are super interesting. I actually wrote an article on the fbo so if you people want visualization
and better grasp of how it works, I'll also include the link to that article because well, obviously it's amazing written
by me, what else could it be? Yeah, but yeah, that's certainly interesting structure and as you said, it is becoming
more and more popular every day. Every day, which is absolutely not that for us. In that case, let's talk about the
other section of it.
Keith Raphael
Let's say that you are a.
Konstantin Dubovitskiy
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
10 / 16
Payment service provider like straddle. You're processing payments for individuals through this structure with an
fbo, the bank behind you that you're piggybacking off of. Right. Let's talk about the KYC requirements and potential
downsides besides Reggie kicking in.
Keith Raphael
Yeah, of course. So we'll probably just use the term KYC here. So you know, in the US the responsibility of know
your customer or you know, customer due diligence as defined by the FFIEC is that ultimately falls and is a
requirement When a quote unquote account is opened, this could be at a bank, at a brokerage, et cetera, money is
being held by the bank even at this FBO structure. So that responsibility, ultimately the buck stops with the
regulated financial institution under the BSA. You know, that means banks, credit unions, licensed MSBs must have
customer identification programs to verify the identity of their end users. And this is not just for individuals, it's
business too.
Keith Raphael
So what happens is, you know, the bank has these responsibilities and let's say if a fintech startup isn't a bank or
MSB itself, you know, the bank has to abide by that. But what's unfortunate, and we've seen some significant
fallout of this over the last, I don't know, 18 months in the banking as a service space is the bank says, well, hey,
Fintech or Bass platform or payment processor, you have to do these things. But proving that they're doing that is a
different story. At the end of the day, the entity with the banking license or money transmitter license is on the
hook. They can delegate the work, but not the liability.
Konstantin Dubovitskiy
Yeah, which is why we see payment service providers being offboard by their sponsor banks if it is found out that
they're doing some weird stuff. Because again, yeah, as you said, the liability is on the bank ultimately.
Keith Raphael
Yeah, typically they're not doing anything and they're enabling the weird stuff. Right. So, yeah, that's, that's, you
know, the, that's. We like to think that, you know, I think a big part of our thesis at Straddle is, you know, we're
payments experts building technology. We're not. We didn't just wake up one day and decide to say, hey, I'm going
to fix payments or banking in the United States, because, you know, I spent a few years at Stanford. Right. So I
think that slight shift in purpose, it means a lot, especially you know, when we're working with these banks who
would love to partner with more fintech, but they just, they have a trust problem essentially.
Konstantin Dubovitskiy
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
11 / 16
Rightfully so. Rightfully so. Again, I mean, there are numerous stories about those companies that do weird stuff
and then the banks suffer at the end. So total and simple. And yeah, I don't think there are any survivors at this
point of people who are here to quote, unquote, fix the banking problem because, well, they have a bank account
that doesn't work. Right. In that case, can we talk just a little bit more thoroughly on the KYC requirements, how to
collect them? What are the good Guide reels stick with to not lose your sponsor bank or to instill some confidence
in a bank for it to become your sponsor bank.
Keith Raphael
Yeah, great question. So this all ties back into the flow of funds almost right? So we mentioned that anytime
money moves you have these, these high level AMA AML sanction screening requirements. What a lot of folks
don't realize is you may or may not have KYC requirements. So I'll use the example of the stored value wallet
versus the you know the parent paying for their kids tuition. So you know at straddle what we warrant to our
sponsor bank is that you know we'll abide by all the CDD customer due diligence rules. That means that our we
we've built infrastructure around light identity verification, fraud screening more really and aml we apply those,
we've built that into our money movement flow to help the folks know processing tuition payments ensure that the
individual is who they say they are.
Keith Raphael
This is done via signal based intelligence consortium data, et cetera. So hey this is Konstantin, this is his bank
account and he's really paying Mike's Karate Studio. That's not necessarily kyc, right? That's more of like again
sanctions and identity or fraud. You could imagine Constantine that if every time you wanted to, I don't know, buy a
T shirt on Shopify or a candle on Etsy, you had to like put your Social Security number in and like take a selfie. That
would be like insane. Right? And so folks think like oh kyc, we have to do it all the time. It's like in the payment
processing flows you have to make sure you're abiding by AML rules and you don't let fraudsters into the system.
Right. So that's one side of it.
Keith Raphael
On the other side if you're holding that stored value, right then customer due diligence does pop in. So there are a
number of mechanisms to satisfy again the CDD final rule. It's interesting again I think often confused is from a
regulatory perspective KYC is the first step almost right. Is Keith Rafael a real person? Is this his Social Security
number and is this his address? Right. That is the base requirement for kyc. So you can get away with again name,
address, Social Security number of date of birth and you can do a programmatic validation of that to satisfy kyc.
There are step ups then, right? Should something be incongruent then you might want to get into biometrics or
selfie, et cetera. So I think this is complicated and crazy so that's why we've kind of figured it out.
Keith Raphael
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
12 / 16
So our clients that are just so focused on building amazing products and experience don't have to worry about this,
you know, this insanity. Right? And I think the last thing, the last party that I'll mention here, unfortunately, there's
still one more is what does straddle warrant to our sponsor banks, or, you know, what is stripe, you know, to theirs,
or, you know, anyone else.
Konstantin Dubovitskiy
Right.
Keith Raphael
So we then we have obligations that we will perform full customer due diligence on every business. Let's call it
merchant. Right. Just to use a generic term that we enable payments or money movement for. So this comes from
looking at the corporate structure, what's called beneficial owners of those businesses, their credit history, et
cetera. So we do that, and that's something that we warrant to our banks. We give full visibility for every business
that we help move money. And then we extend the tools in our product to say, well, hey, this is store value, here's
some great KYC built in. Or hey, this is payment processing. We've got you covered from a fraud and AML
perspective.
Konstantin Dubovitskiy
Makes sense. Can we talk just a little bit more about what is being actually passed on to the sponsor banks? In
your case, for example, I don't know how much of it you can share. I'm assuming all of it, but obviously without
sharing specific details of individual customers. So when your bank comes to you, I'm assuming you're not passing
them this information on the daily basis, on a transaction basis. Every time you onboard a new customer, you push
that information that you obtained to your sponsor bank. I'm assuming you're storing it safely. And then when the
audit comes, they're like, here is everything we had to collect. Everything is collected, in fact. And if something's
missing, you're in trouble. Is that correct?
Keith Raphael
Yeah, yeah, exactly. Right. So part of getting a sponsor bank is, well, doing it right is a lot of hard work. Right. And
so that is before anybody, you get close to moving money, it's months of due diligence.
Konstantin Dubovitskiy
Oh, yeah.
Keith Raphael
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
13 / 16
However, with that comes trust and actually the ability to scale. So we look at being so compliant by default as a
significant competitive advantage. So I'll just talk through a generic kind of what we would collect on behalf of one
of our clients, you know, a merchant. Let's just use it broadly. You know, we'll collect. We try to collect as little as
possible upfront almost because just for scale and speed, but we can do we do such a great job from marrying all
these points of data. So just at a high level, you know, it's like what is your business name, address, employer
identification number, industry, et cetera. You know, a lot of folks are at Glass like you know these businesses. Oh,
what is your merchant category? Cold or your nics? Like no one knows that. Right.
Keith Raphael
So people just put whatever Brandon bullshit to him. Right. So we can figure this out for you. So we get that
business information then you know we are in part of a CDD AML dsa. We're required to identify what's called the
beneficial owner or one to five. Essentially what's called beneficial owner. Meaning a beneficial owner is an
individual that either exerts significant control over the legal entity. You could think of this as, you know, hey, I'm the
VP of engineering at my startup and like I don't own 25% of it, but I'm the one opening the quote unquote account.
That would be someone with significant control. And then in addition to that, any individual or nested legal entity
that owns 25% or more of the business.
Keith Raphael
So we collect all this in a programmatic either you know, secure web form or even via an API. We then run you
know, dozen plus different validations, everything from the mundane to some things like we don't have to but like
how old is this business versus how old is their website domain? That's actually a surprisingly accurate signal. So
we collect all this secure it at column level encryption and our cloud provider and then we provide a monthly high
level summary. Well again we actually have some data sharing in place but of the businesses that we are providing
services for and then semi regularly deep dives, annual audits for both the bank level, NACHA level and so we have
all that data ready to go. But it's not something that we're just publishing to our bank all the time.
Konstantin Dubovitskiy
Makes sense, makes sense. It is a very normal structure again which is why banks are very cautious when
onboarding PSPs because there are periods where there's not much visibility into the actual data. Interesting,
makes sense in that case. You know what, that's a good point for us to go into the rep question. We'll cover it. A lot,
a lot of notes have been taken. At some point I stopped taking notes because it got so interesting. I didn't want to
miss anything. So people, some notes will be missing per expectation. Let's go into the rep question.
Keith Raphael
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
14 / 16
Keith.
Konstantin Dubovitskiy
If there's one thing in the payment Space that you could teach literally the entire world about. Like you can whisper
into the brains of 8 billion plus people on the planet and they would actually understand it. About payment space,
what would it be?
Keith Raphael
Yeah, that's a great question. I would say that actually money moves at the speed of trust. So folks should stop
thinking about compliance and AML and all this other nonsense as a burden and instead start thinking about how
it can be a competitive advantage for their business or their product or their service. We've, we've really built a lot
of our company and our thesis around a saying by a former security researcher at Cambridge. He spoke at a Fed
conference probably better part of a decade ago. And this is really resonated with me. It's a little obsessive, but I
think, you know what it is the takeaway is if you can solve identity and payments, everything else is just
accounting.
Konstantin Dubovitskiy
All right, that's a good line. Hold up, can you repeat that again? I'm going to write it down.
Keith Raphael
Yeah, yeah. If you solve for identity and payments, everything else is just accounting.
Konstantin Dubovitskiy
Nice. Delightful. That's a good phrase. I like having one or two specific clients from the speakers. Perfect. That is a
great rep on that case. You know what? I'll do the call to action for everyone who's listening. Hopefully you all took
something new from this episode, which I certainly did. Raisey, for starters, didn't know about its existence 15
minutes earlier. So my call to action is going to be take a look at the description of this episode. I'm going to
include a bunch of stuff there, specifically the notes from this meeting, key takeaways that I have from it. I'm also
going to include Keith's LinkedIn and Straddle's link, obviously, so you can take a look at what they're doing when
solving for identity payments and how they're doing the accounting afterwards.
Konstantin Dubovitskiy
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
15 / 16
And also I'll include a couple of links to my articles on related subjects, like opening FBO accounts, how omnibus
accounts are structured, what the sponsor bank is doing there, and how it affects you, as in I'll review actual use
cases there. So, bottom line is, take a look at the description of this episode. Click on every single link there
everyone is going to be, or every single one of them is going to be useful. And as always, have a great day.
Meeting Title: kdubovitskiy@checkbook.io - Fri, 07
Nov 2025 17:22...
Meeting created at: 7th Nov, 2025 - 9:22 AM
16 / 16