Card scheme integrations
Visa, Mastercard and Amex programmes — including tokenisation, 3DS2 step-up and pre-tokenised card credentials. Scheme rules compliance baked in.
01 — Payments
Payments engineering for regulated UK, US and Canadian fintechs.
Most payments builds work on day one. The problem is what happens at month-end — when reconciliation fails silently, when the FCA’s new safeguarding regime exposes the gap between “we know the balance” and “we can prove the balance,” when a card scheme audit asks for evidence you can’t surface.
FCA · UK CFPB · US FCAC · Canada
01 — Problem
Where payments builds usually go wrong.
We’ve shipped acquiring, payouts and ledger work across all three regions. The fault lines look similar everywhere: a scheme integration that works for the demo but doesn’t queue under real volume; a payout flow that handles the happy path but breaks when the customer’s bank rejects three days later; a reconciliation pipeline that’s right 99.7% of the time and silent about the 0.3%.
What separates a payments build that survives audit from one that doesn’t isn’t the rails — it’s the boring-but-critical layer underneath. Double-entry ledgers wired to the rails on day one. Reconciliation that’s an active control, not an end-of-month spreadsheet. Evidence trails that satisfy the FCA’s safeguarding regime, the PCI QSA and the scheme auditor with the same query layer.
We build all of that. Plus the rails themselves.
02 — What we build
End-to-end, audit-ready, in production.
Faster Payments / BACS
UK FPS direct connection or via a regulated PI/TPP, BACS payouts with full mandate management and SUN ownership.
SEPA
SCT, SCT Inst, SDD Core and SDD B2B — with full reachability across the SEPA zone and mandate management.
ACH
Same-day and standard ACH, NACHA Operating Rules compliance, and the right ODFI relationships for your programme.
Interac e-Transfer
Request-money and bulk-disbursement flows for Canadian programmes — including bulk file management and dispute handling.
Double-entry ledgering
Event-sourced, multi-currency, sub-ledger granularity — built so balances can always be derived from facts, not the other way around.
Reconciliation pipelines
Real-time match between rails events, internal ledger and customer balances — with FCA-safeguarding-grade evidence trails.
Disputes & chargebacks
Scheme-aligned workflow, mediation handling and automated representment — built to reduce write-offs without overspending on disputes ops.
PCI-aligned tokenisation
PAN never touches in-scope environment. Network tokens, customer-tokens and BIN-routed flows handled cleanly.
03 — Patterns
Build patterns we ship from.
Acquiring engine
Card-not-present acquiring with scheme adapters, 3DS2 orchestration, retry strategies and dispute hand-off.
Visa CISMastercard CIS3DS2Adyen / Stripe / Worldpay
Payouts engine
Multi-rail payouts orchestration — FPS / BACS / SEPA / ACH / Interac — with mandate management and exception workflow.
ModulrPay.UKNACHACurrencycloud
Real-time reconciliation pipeline
Event-sourced match engine wired between rails, ledger and customer balances — with break-management workflow.
Kafka / SQSPostgresdbt
Treasury infrastructure
FBO accounts, segregation, sweep schedules and safeguarding accounting — engineered for the FCA’s May 2026 regime.
ModulrJPMorganGoldman TXB
04 — Regulations
What this work has to comply with.
UKPSRs 2017UKFCA Safeguarding (May 2026)UKOpen Banking PIS (CMA Order)USReg EUSNACHA Operating RulesGlobalPCI DSS v4.0GlobalVisa CR / Mastercard CISCARetail Payment Activities Act
05 — Stack
What we build with.
Rails & schemes
VisaMastercardAmexPay.UKNACHAInteracModulrGoCardless
Treasury & FX
CurrencycloudWise PlatformJPMorgan TXBGoldman Sachs TXB
Data & integration
Plaid AuthStripe IssuingAWS Step FunctionsPostgres event-sourcing
06 — Recent build
A safeguarding-compliant reconciliation engine, shipped in 6 weeks ahead of the FCA’s new regime.
A UK EMI client had a working acquiring + payouts platform but no real-time reconciliation. The FCA’s safeguarding regime (effective 7 May 2026) required them to evidence customer-funds segregation continuously — not weekly.
We delivered a replacement reconciliation engine in six weeks: real-time match between Modulr ledger events, internal customer balances and scheme settlement files, with break workflow, daily safeguarding evidence packs and an immutable audit trail keyed to every event source.
Outcome: the platform met the May regime three weeks ahead of deadline, the operations team cut break-management time by ~70%, and the client’s external auditor approved the safeguarding controls on first review.
6 weeks
Build to production
70%
Operations time saved
100%
Safeguarding evidence coverage
07 — FAQs
Questions we get every time.
How long does a card-acquiring integration take?
It depends on which acquirer and what your existing platform looks like. Typical first integrations land in 6–10 weeks for a programme that already has the legal and BIN sponsorship in place. We’ve done shorter (4 weeks) for clients on top of a flexible payments-as-a-service provider, and longer (12–16 weeks) where the client is also doing scheme-direct work for the first time. The honest answer is “6 weeks if you’re not also onboarding the acquirer.”
What does FCA-safeguarding-compliant reconciliation look like in practice?
Three things working together: (1) an event-sourced ledger where the customer-balance position is always derivable from the rails events, never stored as a denormalised number; (2) a real-time match between those events and your safeguarded-account balance sweeps; and (3) an evidence pack — generated daily, retained for the regulatory window — that any auditor can pick up and answer “were customer funds segregated continuously?” with one query. The May 2026 regime makes the third item non-optional.
Can you build to PCI DSS without us bringing the QSA?
Yes, but we recommend you bring one anyway — they earn their fee just by sense-checking architecture decisions early. Where we add value is in keeping you out of in-scope environments wherever possible: network tokens, customer-tokens, BIN-routed flows and clean iframe / hosted-field patterns mean we typically build platforms where the PAN never touches your servers. That collapses the assessment from a SAQ D job to an SAQ A in many cases.
How do you handle scheme dispute timelines for Visa and Mastercard?
Scheme-aligned workflow with calendar-aware deadlines for every dispute state, a built-in representment pipeline that pulls evidence directly from your transaction event store, and a separate channel for cardholder-initiated disputes vs. fraud chargebacks. We’ve found that automating the evidence-collection step — even when humans still write the cover letter — typically drops chargeback write-offs by 25–40% in the first quarter.
What’s the right ledger architecture for a multi-currency wallet?
Event-sourced, sub-ledger granularity, multi-currency at the entry level (not summed). The non-obvious bit is that you want one ledger per legal-entity-per-currency, not one ledger per customer. The customer’s balance is a view on top of multiple ledger positions. That structure scales cleanly to multi-region and to programme-as-a-service models where a single customer holds positions across several legal entities.
— Adjacent practices
Most builds combine two or three.
Scoping a payments build?
Send us a few sentences. We’ll come back inside three business days with a credible delivery plan and a date.