Purpose: The RatEx42 Risk Signal provides acquiring banks, payment service providers (PSPs), regulators, and B2B partners with an immediate, data-driven assessment of a payment entity’s compliance posture, technical footprint, and exposure to transaction laundering or illicit finance.
Our methodology evaluates entities across four distinct tiers: Green (Low Risk), Orange (Elevated Risk), Red (Critical Risk), and Black (Rogue/Sanctioned).
🟢 GREEN: Standard / Low Risk
Definition: A transparent, fully compliant entity operating strictly within its authorized regulatory framework. These entities process payments for legal, verified merchants and maintain rigorous AML/KYC controls.
- Regulatory Status: Holds active, appropriate Tier-1 licenses (e.g., FCA PI/EMI, BaFin, MFSA, local banking charters) for the jurisdictions in which it operates.
- Corporate Transparency: UBOs (Ultimate Beneficial Owners), directors, and key management personnel are publicly disclosed, verifiable, and free of adverse media. Physical operational headquarters match corporate registries.
- Technical Footprint: Direct API integrations with verified merchants. The checkout URL matches the merchant of record. No use of anonymous aggregators, hidden IFrames, or mirror domains.
- Merchant Portfolio: Services regulated industries or standard e-commerce. If offering high-risk processing (e.g., licensed iGaming), strictly enforces geo-blocking for unauthorized jurisdictions.
- Acquirer Action: Safe to onboard. Standard ongoing monitoring required.
🟠 ORANGE: Elevated / High Risk
Definition: Entities that operate in regulatory “gray areas” or demonstrate weak AML/KYC oversight. They may not be actively committing fraud, but their lack of robust controls makes them highly susceptible to exploitation by offshore or high-risk merchants.
- Regulatory Status: Often relies on “regulatory arbitrage,” such as using a Canadian MSB registration, a weak offshore license (e.g., Mauritius, Vanuatu), or operating purely as an authorized representative of another firm.
- Corporate Transparency: Complex corporate structures. UBOs may be shielded behind holding companies or nominee directors, though they can usually be identified through deep-dive corporate intelligence.
- Technical Footprint: May utilize generic white-label software. High volume of cross-border transactions. Occasional discrepancies between the front-end merchant URL and the backend settlement domain.
- Merchant Portfolio: Heavy concentration of high-risk merchants (unlicensed offshore brokers, crypto exchanges, gray-market iGaming). High chargeback ratios. Failure to consistently block traffic from regulated EU/UK jurisdictions.
- Acquirer Action: Tread carefully. Requires Enhanced Due Diligence (EDD), strict processing volume caps, and frequent portfolio audits.
🔴 RED: Critical Risk
Definition: Entities engaged in active, structural complicity in transaction laundering. These gateways serve as deliberate masking layers, weaponizing their infrastructure or licenses to bypass banking controls and law enforcement blacklists. (Example: Mellifera/Kartiera, Puretransfer).
- Regulatory Status: Either entirely unlicensed/unregulated, OR actively weaponizing a Tier-1 license (like an MFSA or FCA EMI) to provide a “clean” facade for dirty fiat flows.
- Corporate Transparency: Complete opacity. Use of privacy-shielded domains, shell companies, virtual office addresses, and “rented” corporate identities. UBOs are hidden intentionally to evade law enforcement.
- Technical Footprint: Acts as a “stealth gateway.” Relies on multi-hop routing, absorbing 100% of its traffic from anonymous shadow aggregators rather than direct merchants. Misuses Open Banking APIs or manipulates Merchant Category Codes (MCCs) to bypass acquiring bank blocks.
- Merchant Portfolio: Actively processes for explicitly illegal, blacklisted, or fraudulent merchants (e.g., ADM-blacklisted casinos, boiler-room scams).
- Acquirer Action: Do not process. Immediate suspension of API access and accounts. File Suspicious Activity Reports (SARs) with relevant financial intelligence units.
⚫ BLACK: Rogue / Sanctioned Entity
Definition: A confirmed criminal enterprise, fraudulent scheme, or internationally sanctioned network. These entities exist solely to facilitate illicit finance, steal consumer funds, or bypass global sanctions.
- Regulatory Status: Fraudulent claims of licensing (fake license numbers), actively revoked licenses, or operating in direct defiance of cease-and-desist orders.
- Corporate Transparency: Entities tied to known cybercrime syndicates, sanctioned individuals, or state-sponsored illicit actors.
- Technical Footprint: Known successor schemes to previously seized networks (e.g., the direct rebuild of a seized processor). Associated with malware, ransomware payouts, or darknet market settlements.
- Merchant Portfolio: Purely illicit. Unlicensed dark-web markets, terror financing, massive Ponzi schemes, or facilitating payments for sanctioned Russian/Iranian entities.
- Acquirer Action: Hard Block & Report. Mandatory freezing of funds (where applicable by law) and immediate notification to law enforcement and sanctioning bodies (OFAC, HM Treasury, EU).