[an_opabinia]

> Stripe Treasury does not violate our terms...

Would AngelList's angel investing product, built on Treasury, violate Stripe's AUP? How about TransferWise? These are financial services companies, they are something I can imagine building on Stripe Treasury. But they are probably against your AUP, even if of course they are permissible from a legal point of view.

> KYC goes through Stripe's processes. This is both operationally complicated and something that we generally do not go into detail on.

One of the things I like about banks is, when you're dealing with large amounts of money, which is what I aspire to do, you are talking with an educated person on the other end of the line. It's very easy to talk with integrity because the bank's FTE is experienced, vested in a positive outcome for you, doesn't get tripped up with keywords, and critically, because they live here and are paid well, they have something at stake, you can achieve a remedy if you don't get what you need from them.

With a contractor, there's a script. It's hard to talk with integrity because you might say a forbidden word, or you might merely delay your legitimate business even further by having to wait even longer for a Zendesk follow-up, or you might be dealing with someone in a foreign country beyond the law who is just going to criminally misuse information in your docs, like your passport, because SOC 2 and ISO 27001 are just policies, they're not laws and they're especially not enforcement. This is pretty consistent with everyone’s experience with contractors versus W2 in customer service and other cost departments, it is not a controversial position, it is definitely correlated with the fact that it is capricious, with no remedies, when you are locked out of eg your Google account, compared to say getting your checking account closed at a bank for non-legal reasons - at least the bank gives you the money in the account, while Google generally does not give you your emails nor responds to your support tickets.

It's one thing when it's a $100 merchant payment. Who cares. It's another when it's a $1,000,000 transfer. I understand the desire to scale and compartmentalize, to use vendors. It is pretty clear that the bulk of compliance work is not done through W2 Stripe employees, although I don't see why that is possible with a bank and not with Stripe.

> Given that the implementing SaaS business will control the UX around initiating a payment, they could control how much or little bookkeeping to do at time of a payment or transfer.

I'm asking, how do the typical statement-of-purpose and other KYC processes adopted by other fintech firms fit into your API? For example, if my business or I transfer $1,000,000, most fintech firms ask a day or two later to fulfill more detailed statement of purpose asks, as part of a "large transfer compliance" department sort of thing, like providing an invoice and information about the recipient. I understand this is above-and-beyond any regulatory requirements but I could be wrong. So suppose my end user makes a $1,000,000 transfer that I fulfill using Stripe Treasury-backed API, do you then follow up days later with the Treasury implementer (me), via e-mail, to obtain PDFs from the end user, etc.? Or do you simply not perform this sort of above-and-beyond ask?

The broader question was really about, how do you anticipate doing this KYC in an API-driven way? Or is the answer you will not? I'm not asking the specifics of the policy, I understand you cannot disclose the policy, I'm asking from a UX point of view, how will that policy be acted out? Because building the whole API implementation and then winding up in an e-mailing PDF back-and-forth with a contract Stripe employee anyway sounds pretty crummy.

Are the unusual asks are part of determining whether or not the implementor / intermediary is obeying an AUP, not to fulfill legal obligations? AUPs are at once quite subjective and opinionated but also surprisingly uniform among Internet money companies, leading me to believe that this is not something anyone actually feels strongly about but really just cargo-cults. While I do not personally believe this, the most cynical belief is that this is data gathering and lead generation, that Treasury is really a Robinhood-style business, so the docs asked are retained to be later analyzed for secular, non-compliance reasons like identifying new customers (i.e., the recipients's business) and pricing.

[tarstarr]

There are many financial services companies which are supportable. For example, Clearbanc, a financial services company, uses multiple Stripe products. We try to help users by offloading some of the regulatory and compliance work to us, but as you are aware regulation in financial services is complicated and nuanced. I can’t speculate on each possible use case serially, but we’re interested in hearing specifics and trying to support more legitimate fintech businesses versus less with this product.

As for handling exceptions on individual transactions: this is something which Stripe does very frequently with respect to our Stripe Connect users. For example, we might need to inquire about a large payment made over a Stripe Connect platform, particularly if it appears out-of-character for their usage or for that platform. (We might have questions about a million dollar “pizza” order.) Depending on our specific business relationship with the platform, the flow might be the platform reaching out to the customer for documentation, it might be the platform reviewing information provided contemporaneously with the transaction, it might involve us reviewing metadata on the transaction, or it might involve us reaching out to the user.

Depending on the specifics of what a platform does, it might have internal compliance or fraud teams. Many of our large platforms do; we interface with them (and create interfaces for them) to maximize their effectiveness and minimize silliness.

[an_opabinia]

> Clearbanc, a financial services company, uses multiple Stripe products

If Clearbanc tried to use a Stripe product today, it obviously uses the words "investor" and "Fund me" on its landing pages, "democratize access to capital," - so it sounds like crowdfunding, even though I know Clearbanc's business isn't. Your contractor compliance team would say no, but a Stripe W2, who is equipped for this kind of nuance, would say yes.

However: "We provide the capital to grow and, in return, are paid a percentage of revenue until we are paid back plus a small 6% - 12% fee... no dilution, no board seats" is clearly describing a loan. Here's a link (1) to an SEC filing where in plain language a Clearbanc loan recipient describes receiving a "loan" from Clearbanc. So it's clearly a "lending instruments" and credit service, in violation of your AUP, no doubt about it, you even use the word lending instrument to provide the flexibility to account for this sort of stuff. And here, a contractor would not be able to figure out what I just did - they'd say, "oh their landing page is not using the word loan, which is a keyword in my script" - but a W2 would!

I get it, you want to have it both ways, I get that reality is just, "It is case by case, and in reality, we decide for (1) totally random reasons, like whether or not you are reviewed by a contractor or an educated W2, and (2) the cut of your jib." Maybe you guys permit loans in Stripe Connect.

Maybe these Clearbanc guys really did invoke some kind of magic, by not using the word loan but instead using the word advance and fees, even though their own Fast Company article says loan and the recipients (correctly) account for and legally define the money they received from Clearbanc as a loan. I don't know. It's actually really surprising and I'm trying to cut to the core of the AUP question and why it generates so many problems for you guys.

Is your real takeaway: "Oh, I can't say specific companies." I believe this is wrong! I think you should not be afraid to say Clearbanc, and then find out they make loans, and you should be able to just say, "No to AngelList and no to TransferWise." It's not that big of a deal that Clearbanc makes loans, which is against your AUP, you can work with whomever you want! Which is really what I'm getting at, which is to facilitate a conversation, something between educated people who aren't trying to gotcha each other, that is what we're having, about what the potential of the platform is - not a situation where, oh man, what do I put into this "What do you want to build with Stripe Treasury" box on the invite form? Because if I put in the wrong keywords, I am shut out from something really useful to me, not because I am doing something weird and want to skirt compliance, but because it is free.

(1) https://www.sec.gov/Archives/edgar/data/0001700895/000114420... "During 2018, the Company entered into several loan agreements with Clearbanc in the amount of $670,443, bearing interest ranging from 9.25% to 15%. Interest expense on these loans totaled $26,560 for the year ended December 31, 2018. The unpaid principal balance was $291,214 as of December 31, 2018."

[derefr]

I'm confused. Are you trying to say that Stripe is violating their own policies by offering a clearing-house API to facilitate their customers getting loans from banks?

Or are you trying to say that a Stripe customer would be in violation of Stripe's policies, if they used this facilitaton-of-loans to provide loans to their own customers?

Because I think the first statement is obviously false; and the second statement is obviously true, but vacuous — in that that's not the service that Stripe is offering. (Or, I mean, it could be in special cases, but it's not pitched that way because for most companies doing that would be a legal impossibility.)

Obviously, Stripe can hook your company up with a bank; and obviously, that bank can offer your company some loans. Those two processes, separately, are entirely normal things that happen every day in the financial world. Combining them doesn't change that.

Obviously (to me, at least), your company cannot take a loan offered by a bank, and repackage that same loan to your own customers as part of your offering as if it was from you, with your company controlling+mediating that relationship — at least, not without you yourself being legally reclassified as a bank. (Which is why that's not what Stripe itself is doing here. They're just facilitating already-legitimate transactions between banks and businesses, without owning or mediating those transactions.)

And that fact has nothing to do with any company's policies, Stripe's or otherwise; that just has to do with what activities are only legal for banks to do. Stripe isn't filtering these customers out. They're just telling them that they can't take do X with service Y Stripe provides, because they're not banks, and only banks can legally do X, regardless of how.

[rsync]

"I'm confused. Are you trying to say that Stripe is violating their own policies by offering a clearing-house API to facilitate their customers getting loans from banks?"

I think your parent is expressing (among other things) frustration about the fact that Stripe is presenting this product as a very modern, very Internet-based, very progressive product that we expect will be governed by the same kind of opaque, sometimes capricious enforcement of ToS/AUP that google uses to unexpectedly lock people out of their gmail accounts or "de-monetize" their youtube accounts for no discernible reasons ...

... but at the same time, this isn't a free email account and it isn't a video service - it's serious, grownup business involving real money.

So the question becomes, what kind of people are manning the back end infrastructure and how much of it is driven by algorithms ? As your parent describes, he can go to an actual bank and sit down with a real employee and have a substantive conversation with nuance and understanding ... which you can't have with an algorithm.

[donor20]

Can I ask a quick question - do you have familiarity with corporate treasury type activity at businesses and SAAS businesses?

The volume of businesses that will be interested in this is going to be high. Your accounting platform would LOVE to be able to add banking features. Your expense management platform would LOVE to have direct integrated debit cards and cash management for you (and their customers will love it). Your education institutions would love to have their stored value / payment flows made more efficient (huge numbers of changing students with onsite and offsite dining, stipends, reimbursements etc etc with lots of lost cards and more).

In most cases, business do a POOR job of KYC when onboarding payment recipients.

My guess is stripes default flow to onboard hairstylists and dog walkers will be stronger, and repeat bad actors will be more easily identified by them then whatever your existing corporate treasury process is (usually upload an ACH file with some very minimum checks based on a webapp onboarding).Stripes model for KYC / onboarding will be API driven almost certainly, that's going to be part of the value add without question. Emailing PDF's back and forth is not scalable for onboarding with KYC frankly (and not always that secure).

In more specialized cases, the person building on top of the treasury function, if required by their business / license etc, would need to do additional bookkeeping / KYC as necessary. That's how it always is. For example, many states require a money transmitter license. Transferwise could do the recordkeeping and validation around transfers at whatever additional level needed to be able to offer their product in those states, which may include things like finding out source of funds. So if you are operating a money transfer business, yes, you either may not be allowed on stripe, or you may get asked what is going on.

The other thing is, for many transfers "on platform" its going to be VERY clear what is going on. Stripe will have metadata access on the API side it looks like. They can review what is happening for reasonableness. And they already play in a pretty large space, I would be surprised if a lot of use cases exceeded their capacity and am sure MANY use cases would be within capacity.

[rsync]

"While I do not personally believe this, the most cynical belief is that this is data gathering and lead generation, that Treasury is really a Robinhood-style business, so the docs asked are retained to be later analyzed for secular, non-compliance reasons like identifying new customers (i.e., the recipients's business) and pricing."

Thank you for this insight, however unlikely it may end up being - it is very well taken.