What it really takes to launch a card product.
Everyone is getting into card products it seems.
Doordash recently announced plans to launch the Doordash card. Divvy (where I spent the last three years of my career), Brex, Ramp, and Airbase have taken corporate expense management by storm. Brex just announced an incredible raise at a valuation quickly approaching 10B.
A new card offering is around every corner and the legacy players (your bank included) are scrambling to keep a stranglehold on it all.
And you are asking yourself. “What does it take to get a piece of this? Could we issue our own card?” Let me tell you. I’ve done it several times over at one of the most successful corporate expense management startups, from zero to unicorn.
Interchange is a monster of a pricing model. Though your customers pay nothing for the service, you are still raking it in on the interchange. And the networks are happy to share it for the new influx of fresh customers or to hold onto market share.
It’s a simple formula. Get enough volume, keep costs low, and the money just rolls in at 1.5 to 2.5% of every transaction!
It seems the secret is out about what has made Amex, Visa, Mastercard, and Discover the behemoths they are today and fueled the banking industry for nearly 70 years.
Except that neither of those propositions: get volume, and keep costs low, are as straightforward as they sound.
Enter Complexity
The Bank
Before you can even start to contemplate getting volume, you first have to get a bank. Although you may have gone looking for an issuer/processor first, they will direct you to a bank. And you’ll find that it’s the bank that really holds all the cards.
Unfortunately for you, the banks have made most of their mistakes on early fintechs over the last 10 years. And they are not playing fast and loose with program issuance anymore. Several banks have been very publicly reprimanded for insufficient oversight of program managers — those third parties who issue cards on the bank's behalf.
The tightening of oversight, program control, and the uncertainty of regulatory implementation, is raising the bar and the price tag for program approval. It takes body count to deliver a card product to market.
Program issuance and compliance
Once you land on a bank and agree to the general terms of the relationship: Length, pricing, minimums, reserves, network relationships, SLA’s, and regulatory cycles, the bank will throw you right over to their risk and compliance team.
The first thing you need to know about the Chief Risk Officer is that they aren’t your friend. It’s not their fault. They aren’t anyone’s friends. They don’t report to the business at all. By law, they report directly to the board and will be the first to remind you that their job is not “the business of the bank” but the mitigation of risk for the bank.
Of course, that’s an impossible statement. If they were only concerned about mitigating risk, the bank would do nothing at all and bear no risk. They are, by necessity, concerned with the business of the bank, but they like to mention, whenever the slight insinuation may arise, that they are INDEPENDENT.
Once they have established that fact, they will then list for you, no exaggeration, the 350 compliance tasks that must be completed in order to get sign-off on your program to issue your first real card. And you are left thinking. “Hasn’t anyone solved this?” Yes, to some extent, but it’s not the bank or the issuer/processor.
Enter yet another partner(s).
My advice. Hire the best head of compliance you can find. Who, if you are lucky, will bring with them a playbook full of compliance documents and known providers and you won’t have to build from scratch. Either way, it’s going to be a long haul.
The issuer
Once you land the bank and get program approval, and set up your compliance process, and allocate the bodies necessary to implement the program, you can finally bring in the issuer/processor.
And you have about three choices:
- You can go directly to the networks, become an issuer processor yourself and maybe launch in a year or two. Of course, that isn’t what your business is.
- You can go to the bank, but in all likelihood, they are using a third party.
- Or you can go to a third party. Just make sure you aren’t layered on top of a fourth party — some issuer on top of an issuer.
That means you probably go talk to Marqeta, or Galileo if you didn’t start there and discover all this other stuff later.
Here’s the TLDR: (Thanks to my old friend Patrick for keeping me hip and teaching me TLDR means too long didn’t read)
It sounds simple. Everyone is doing it. Design, Build, Launch, Manage, and then Grow your card product. In fact, you may even be sold on a “play nice” ecosystem and a 6-month GTM. All I can say is that hasn’t been my experience, and I’ve seen it done many times, in just about every conceivable way.
Months pass and you are still building, still uncovering new tasks. Identity, KYC, KYB, OFAC, AML, SoR, BSA, NACHA, FTP, Reg-E, and a dozen other acronyms.
Instead of building your business, you’re building a network hub for all the providers you're paying to make it all work. You feel like a cell phone accessories merchant who has to build cell towers, to sell phone cases.
