compliant European crypto and payments business

How to build a compliant European crypto and payments business?

How to build a compliant European crypto and payments business?

Table of Contents

An ambitious, global team, moved to Estonia to build and ship crypto payments infrastructure for Europe and after a tumultuous year of regulatory upheaval, obtain approval as the first ever company under the new regime to launch across the EEA, the Striga platform — A single set of APIs doing the heavy lifting for today’s FinTech’s, i.e. encompassing safe crypto custody, trading, banking, and card issuing.

Crypto-banking infrastructure for companies

Our mission is to build a better payments network and the Lastbit project was utilizing Bitcoin and its Lightning Network for the task, specifically made for consumers. Nearing the end of the Lastbit apps’ beta run, while winter was setting in on northern Europe, fresh off the heels of our latest fundraise and some semblance of product market fit with interest from large institutions in what we were building, solving the compliance puzzle in order to own the crypto stack — custody & liquidity — was an absolute must in order for us to progress, i.e. actually build the thing that companies wanted. Legacy financial service providers simply couldn’t cut it to meet the needs of crypto companies and with crypto regulation fragmented and shrouded in uncertainty around Europe, to innovate, owning the crypto stack was essential.

 

We’ve always viewed clearer regulation as a net positive, needed especially for a rapidly evolving industry like Bitcoin and crypto because without clear guidelines for what can and what cannot be done, building a meaningful product that actually solves a problem is akin to shooting in the dark. Therefore, owning the crypto stack meant falling in line with a clear set of regulations that fit our business model and allowed us to build Striga, towards reaching the larger mission. The platform by nature is a massive project from every possible angle of engineering, product, business, and compliance, which needed fuel, i.e. the regulatory green light, to power it in operating with real money. The rest of this post is a short description of how we went about doing this.

Various challenges with large upfront costs requirements

With a 10,000-foot view of what a compliance program looks like, when we made the decision to become a regulated company, we were serious about deploying resources and going above and beyond the expected regulatory requirements. Well aware that the legislation was set to change soon in Estonia — to further tighten the noose around the 400 or so remaining crypto companies — and with its startup-friendly laws, unique location to serve the EEA, we weighed the pros and cons against every other EU jurisdiction and the UK before making a well-informed decision.

The draft proposal of the new law at the time proposed various requirements that were important to consider in this decision, some of them being –

  • Large upfront capital requirements, similar to Electronic Money Institutions (EMIs).
  • Accountability in terms of “connection to Estonia” — i.e. key management and HQ located in the country
  • Strict onboarding, verification, and compliance requirements (Some of which are practiced today and nearly impossible to comply with which is a dealbreaker for several business models)
  • Tightened scrutiny around transactions, limits, monitoring, and sanctions checks
  • Audit requirements, accounting requirements
  • And several other noteworthy ones can be found here

 

With an initial budget of what we figured was 6 months until the law changed, based on all available data points, we estimated a fair probability of success towards becoming a licensed entity and taking live the Striga platform in this timeframe. Little did we expect the level of scrutiny and uncertainty the company would be placed under, under the new law. The journey in its entirety lasted well over 12 months during which time we had numerous rounds of questioning from the regulator and two interviews to support the barrage of documentation explaining the company, its policies, rules, and business down to the last detail.

Striga’s license journey to onboard companies European users

A “death spell” recipe for any early-stage venture-funded company is being dormant and unable to ship products for extended periods of time and with the economic recession setting in, and uncertainty around the licensing process, as a team of mostly “third-country nationals” from various parts of the world who moved their entire lives to a new country, things were tough. But here’s how we went about it –

 

  1. As a small team, working together in person to iterate rapidly on the product, in the same time zone was a huge must-have. Qualifying for the startup program and jumping through immigration hoops, we planned the move for key team members. (The country’s marketing department and its embassies around the world are severely out of sync. This process is a lot harder than it is marketed to be)
  2. Began building and educating the entire team on the compliance framework, accountability, and the way our operations would change, directly impacting the fronts of product, business, and even marketing. Practically, this means translating tens of pages of legal text around the company’s internal rules of procedures into code and manual labor with crystal clear awareness for everyone involved about what is at stake. Overly simplifying it — The final application was altogether over 200 pages of documentation explaining exactly what we do, how we do it, why we’re compliant, and how we were to meet all the requirements of the law. Here is where there is the most room for error as preparing documentation does not equate to arbitrary templates and generic compliance policies. Being able to clearly answer and back up every single claim made on any single page with facts and answers which range from various risk-related matters to deep technical implementation matters was the end result — Which logically makes sense in this industry with every business being inherently organized differently.
  3. Deeply understand what the law is trying to achieve and begin building out a compliance team — A scarce resource in a highly competitive market in a small non-English speaking country.
  4. Solicited, negotiated, and built solutions with well-positioned custodians, exchanges, banking providers, and card issuers. Given the nature of the product — Either we would wait until the license was granted to build these partnerships we needed to build the core application logic (No banking institution will enable access to their product without being regulated for a business of our nature) or build on what we had, mimicking a live environment as best possible, to further our business efforts in enabling early adopters to start building, despite the FUD. We did the latter and it’s here.

One of the biggest misconceptions we’ve seen is in the meaning of what a “license” entails. Especially most digital asset companies we’ve come across tend to feature founders with a mix of business and technical skills and today, pan Europe with the current geopolitical situation and regulators cracking down (even going as far as retro-actively applying laws), obtaining a “license” to operate in this industry is an arduous and risky endeavor, making it all the more important to build a team and product around the framework of legal requirements. With the MiCA legislation set to apply pan-Europe in 2023, we’re more than well positioned to fully comply and meet these requirements to continue shipping products. Effectively, for any company going through the process, one can expect to dedicate well over €1M to the task, implementing gnarly compliance-related infrastructure into your core codebase and around 12 months of fear, uncertainty, and doubt before you can even finalize your product and ship it.

Crypto Infrastructure as a Service

This is exactly why Striga is positioned as “Crypto Infrastructure as Code” such that you can test, build and ship your product in as little as 3 weeks with zero of the aforementioned overhead. Despite the unanticipated length of the process, the setting in of an economic recession, and the sheer man hours required in negotiating and signing partnerships with at least numerous different vendors — this helped the team mature and deeply understand what it takes to build in this industry.

 

The outcome relatively speaks for itself — Striga’s platformdocumentation, and transparente are public and free for anyone to validate their product. As we’re gearing up to take the first builders to live, drop us a note if you’re interested!

Striga Crypto-native Banking as a Service:

Your path to building and launching financial products

Join the financial businesses that use Striga’s cloud platform to delight their customers and launch their own products without the complexities that come when dealing with core banking solutions’ relationships, licensing, compliance and payments methods.

FR
Quitter la version mobile