Compliance As Core Competency

Payment API firm WePay knows that transactions across crowdfunding and other activities demands compliance as nuanced as the stakeholders in a transaction itself. Welcome to the age where compliance must be outsourced, fluid and vigilant, as WePay VP of Payments Karen Redwood told Karen Webster.

Compliance is not just about dealing with a specific corporate action or use case. When payments are involved, compliance is a way of life, as constant as the transactions themselves, and it is complex enough an activity for some firms as to demand outsourcing to experts. And for WePay, which facilitates the transactions between merchants and payers via a platform model, compliance has been and is continuing to develop as a core competency.

In an interview with Karen Webster, Karen Redwood, vice president of global payments at WePay, stated that in girding the firm and its stakeholders against the risk of fraud, “we put the experience first, and we have some principles around how we want to design [the experience].” She noted that WePay exists “behind the scenes.… What we are trying to do is take that heavy lifting around compliance and risk and regulatory requirements and handle it for the platform.”

Redwood noted in the instance that in a crowdfunding campaign where someone is seeking to raise money for medical bills, that person may not “even know what the word merchant means.”

Against this backdrop, she said, the goal is to have an easy onboarding experience, and “the payments piece should be completely incidental.” For WePay, the key questions include what the information is that is needed from the merchant and what data the platform has that will help the firm make the best risk decisions seamlessly.

Such data can be as simple as the merchant’s name, said Redwood, and, for example, cross-referencing to what is being said on that merchant’s Facebook page or the invoice that is being generated.

“We are trying to pull all this information together so that we are applying our risk tools accurately” at any point in the onboarding or payments processing or checkout activities, said Redwood. For an illustrative metaphor, picture a lake, a duck and paddling feet going furiously under the water’s surface (the back end of operations) even while it appears to be gliding smoothly (the front end).

Webster noted, the paddles may be going a bit more furiously than ever, and the risk of getting it wrong is high, as are the stakes should risk be miscalculated. The rise of technology, stated Redwood, has given runway to be able to pay the dog sitter or the babysitter and use any number of payments platforms to do so. Social media provides a wealth of data and tracks are harder to hide than ever. But the result must move beyond a silo effect, where validating that people are who they say they are and where they say they are must consider logic and make sense of disparate data before approving payments. This is especially important since WePay takes on all risk, including compliance risk, for the platform.

Turning to a different dimension of risk, Webster stated that risk has indeed gone global, with Redwood concurring and noting that the firm has made inroads into markets with disparate compliance requirements such as Canada and the United Kingdom in geographic pushes dictated by where WePay’s platforms want to go. The objective when expanding into new markets for WePay is to keep a similar user experience across markets to ease global expansion for the platform. Looking out toward the future, Redwood said will more actively address PSD2 requirements, especially as is related to merchant payouts.