Compliance Baseline for Active Merchants
Maintain complete legal documentation, transparent customer terms, sanctions controls, and auditable records at all times.
Practical compliance references for operating safely across markets.
Use these guidelines to stay compliant while scaling transaction volume across markets and payment corridors.
Document Standards
Risk Triggers
Review Cadence
Maintain complete legal documentation, transparent customer terms, sanctions controls, and auditable records at all times.
Maintain up-to-date entity documents, ownership structure, authorized signatory IDs, and active bank account proof. Revalidation may be required annually or after material business changes.
Screen merchants, beneficiaries, and transactions against applicable sanctions lists. Use transaction limits and rule triggers for unusual country/currency combinations.
Display refund windows, delivery commitments, cancellation terms, and billing descriptors clearly at checkout and in receipts to reduce customer disputes.
Keep transaction logs, invoice records, delivery confirmations, and dispute artifacts in an auditable format for regulatory and network review periods.
Apply least-privilege access, dual approval for sensitive actions, routine credential rotation, and incident reporting workflows with clear ownership.
Use enhanced monitoring for elevated-risk verticals, including tighter thresholds, reserve policies, and periodic policy reviews with risk teams.
Before go-live: verify legal entity docs, publish refund terms, enable fraud rules, define chargeback owner, and test reporting exports used by finance and compliance teams.
Minimum set typically includes:
Common triggers for enhanced review:
Dispute ratio review, anomaly checks, failed transaction trend analysis, and access-permission audit.
Policy validation, risk rule tuning, high-risk merchant assessment, and settlement exception review.
KYB refresh, document expiry checks, ownership confirmation, and compliance operating model attestation.