Question 1

What are the main payment processing models for SaaS?

Accepted Answer

SaaS companies typically choose between a payment facilitator (PayFac) model, a merchant of record (MoR) model, or direct merchant accounts. PayFac (Stripe Connect, Adyen for Platforms) lets you onboard sub-merchants under your master account. MoR providers (Paddle, Lemon Squeezy) handle the entire payment stack including tax, compliance, and chargebacks. Direct merchant accounts offer the lowest fees but require you to handle everything yourself.

Question 2

What is KYC/AML and how do you implement it in an app?

Accepted Answer

KYC (Know Your Customer) and AML (Anti-Money Laundering) are regulatory requirements that verify user identity and screen for financial crime before granting access to financial services. Implement KYC by integrating an identity verification provider (Jumio, Onfido, Persona) that handles document checks, liveness detection, and sanctions screening via API. AML adds ongoing transaction monitoring for suspicious patterns.

Question 3

What is PCI DSS compliance and who needs it?

Accepted Answer

PCI DSS (Payment Card Industry Data Security Standard) is a set of security requirements for any organization that stores, processes, or transmits credit card data. If your application accepts card payments, you need some level of PCI compliance. Using a payment processor like Stripe or Adyen that handles card data directly reduces your scope to the simplest level (SAQ-A), but doesn't eliminate compliance obligations entirely.

Question 4

What is embedded finance and why is it growing?

Accepted Answer

Embedded finance integrates financial services (payments, lending, insurance, banking) directly into non-financial software platforms through APIs. Instead of redirecting users to a bank, the financial product lives inside the SaaS app where the user already is. The market is growing because BaaS (Banking-as-a-Service) providers have made it possible to embed regulated financial products without obtaining your own banking license.

Question 5

What is open banking and how does it work?

Accepted Answer

Open banking requires banks to share customer financial data with authorized third-party providers through secure APIs, with the customer's explicit consent. It enables applications to read account balances, transaction history, and initiate payments directly from bank accounts. In Europe it's mandated by PSD2; in the US, adoption is driven by the CFPB's Section 1033 rulemaking and market initiatives.

Question 6

What is open banking?

Accepted Answer

Open banking is a regulatory and technology framework that allows third-party financial services to access bank data through secure APIs — with customer consent. Instead of banks being the sole gateway to your financial data, open banking enables fintech apps to read account balances, initiate payments, and build services on top of traditional banking infrastructure.