Legal services:

Comprehensive legal solutions for contracts, disputes, and compliance. Our expert team ensures legal protection and strategic guidance for your business.

AML consulting:

Specialised AML consulting to develop and maintain robust anti-money laundering policies. We assess risks, offer ongoing support and provide tailored AML services.

Obtaining a crypto license:

We offer licensing and ongoing support for your crypto-business. We also offer licences in the most popular jurisdictions.

Registration of legal entities:

Efficient legal entity registration support. We manage documentation and interaction with the authorities, ensuring a seamless process for establishing your business.

Opening bank accounts:

We facilitate the opening of bank accounts through our extensive network of partners (European banks). Hassle-free process, tailored to your business needs.

COREDO TEAM

Nikita Veremeev
Nikita Veremeev
CEO
Pavel Kos
Pavel Kos
Head of the legal department
Grigorii Lutcenko
Grigorii Lutcenko
Head of AML department
Annet Abdurzakova
Annet Abdurzakova
Senior Customer Success Manager
Basang Ungunov
Basang Ungunov
Lawyer at Legal Department
Egor Pykalev
Egor Pykalev
AML consultant
Yulia Zhidikhanova
Yulia Zhidikhanova
Customer Success Associate
Diana Alchaeva
Diana Alchaeva
Customer Success Associate
Johann Schneider
Johann Schneider
Lawyer
Daniil Saprykin
Daniil Saprykin
Head of Customer Success Department

Our clients

COREDO’s clients are manufacturers, traders and financial companies, as well as wealthy clients from European and CIS countries.

Effective communication and fast project realisation guarantee satisfaction of our customers.

Exactly
Unitpay
Grispay
Newreality
Chicrypto
Xchanger
CONVERTIQ
Crypto Engine
Pion

Since 2016 I have been developing COREDO as a partner that takes on complex legal and financial challenges of international business. During this time the COREDO team has executed dozens of company registration projects in the EU, the UK, Singapore and Dubai, obtained licenses for clients in the payments, forex, crypto services and electronic money segments, and also built reliable AML/CFT programs. Today I want to systematically analyze a topic that regularly comes up in strategic sessions with founders and CFOs: how to obtain a Major Payment Institution license in Singapore and turn it into sustainable competitiveness in the Asian and European markets.

Why Singapore: the MPI license

Singapore is a hub for Asia’s payments infrastructure with transparent regulation and strong correspondent bank trust. Licensing of payment services in Singapore is built around the PSA, and the MAS license for payment operators serves as an international mark of maturity of processes, security and risk management.

The MPI license in Singapore (often called MPI license Singapore) opens access to key activities: cross-border and domestic money transfer, merchant acquisition, issuance of electronic money (e‑money), as well as integration with local schemes PayNow and FAST through a sponsor bank or an approved operator. In practice this creates a base for remittance lines, aggregator models, wallet products and B2B payments with fast settlement and predictable liquidity.

Our experience at COREDO has shown that a Major Payment Institution license in Singapore is an effective anchor not only for Asian markets but also for international expansion through MPI into Asia and Europe. Payment businesses gain simpler transaction routing and improved access to acquiring banks, especially with properly configured AML/CFT and monitoring technologies.

The boundary between Major PI and Standard PI
The PSA distinguishes two classes of universal payment licenses: Standard Payment Institution (SPI) and Major Payment Institution (MPI). The choice of class is not a formality but a strategic factor for unit economics and scalability.

SPI is suitable for companies with limited volumes. Threshold values for average monthly volumes are set by MAS for each service and for aggregate services, and for electronic money there is a limit on float. As volumes grow, a company will inevitably face the need to upgrade the license.

MPI is intended for operators that exceed SPI thresholds and build large-scale products. For MPI there are increased capital requirements, risk management and compliance functions, but the business gains freedom in volumes and in the product line. COREDO’s practice confirms: switching to MPI in advance, before volumes overheat, saves months of time and reduces the cost of change in technology and processes.

Requirements for obtaining MPI
MAS uses a risk-based approach and assesses readiness across several areas. Below are the key ones that we cover in client applications.

  • Ownership structure and beneficial ownership. MAS expects a transparent structure, documentary evidence of ultimate ownership and the absence of sanctions or legal risks. The compliance document package for an MPI applicant should include the ownership chain, proof of source of funds and declarations of beneficiaries.
  • Directors and local presence. Director and local representative requirements for MPI include having at least one director who is a Singapore resident under the Companies Act, as well as competent executive-level personnel able to manage risks. For compliance, local roles are critical: a compliance officer and an AML officer available to MAS for interaction.
  • MAS Fit and Proper test. The regulator applies Fit and Proper to directors, key managers and beneficiaries. They assess business reputation, experience, integrity, financial soundness and track record. The COREDO team prepares dossiers according to the MAS Guidelines on Fit and Proper Criteria and organizes a pre‑submission with the regulator to clear questions in advance.
  • Capital requirements for MPI and financial resources. For Major PI there is a minimum paid-up capital at a level commensurate with the risk profile of the services, usually not less than SGD 250,000. Additionally MAS may request a security deposit in a range that depends on the class of services and volumes. We model liquidity stress scenarios and capital adequacy in advance.
  • AML/CFT requirements for MPI and KYC processes. The applicant must demonstrate a full AML/CFT program: policies, CDD/EDD, sanctions screening, transaction monitoring, SAR, staff training. KYC requirements when obtaining MPI include risk-based approach, procedures for B2B and B2C, a PEPs policy and independent verification.
  • Technological and operational readiness. MAS assesses information security, compliance with TRM Guidelines, the presence of an ISO 27001/PCI DSS roadmap, BCP/DRP plans and incident response. We link this to operational SLA, latency, throughput and resilience.

How to obtain a license MPI in Singapore
The action plan used by the COREDO team is based on MAS regulatory practice and the real lifecycle of a payments startup.

  1. company registration in Singapore (ACRA) and basic substance. We form the board of directors, appoint a local director, determine the office and key roles. From the very start we plan economic substance: functions, staff, and on-site decision-making.
  2. Pre-submission session with MAS (pre‑submission). I initiate meetings with the regulator to align the business model of the MPI payment operator, the scope of services under the PSA, target markets, KYC/KYB processes and the team’s knowledge. This reduces the risk of fundamental pivots at late stages.
  3. Preparation of a business plan and financial model for MPI. At COREDO we work out unit economics (MDR, interchange, FX margin), TCO, NPV and payback for the MPI license. The model covers scenarios of volume growth, take‑rate, churn, CAPEX on technology, OPEX on compliance and the staffing structure.
  4. Compliance design. We create an AML/CFT program, CDD/EDD procedures, a sanctions screening policy, risk assessment (RBA), a governance matrix and an independent ininternal audit. For crypto‑services we take into account VASP/DPT requirements and legal risks when working with tokenized assets.
  5. Technology stack. We design the API gateway and microservices architecture, define latency and throughput targets, plan horizontal scaling and sharding, implement a PCI DSS/ISO 27001 roadmap, and build in fraud detection and transaction monitoring.
  6. Application process to MAS for an MPI license. We prepare the full form, attachments on directors and beneficiaries, technological and compliance descriptions, contractual models with outsourcing providers and cloud hosting, and policies on data residency and GDPR.
  7. Responses to MAS queries, interviews and fit‑and‑proper checks. We separately work on third‑party risk management, outsourcing compliance and cloud risks. It is important to document control and access to data, and to conduct Due Diligence of suppliers.
  8. Setting up banking relationships and integrations. We build relationships with acquiring banks and correspondents, define settlement cycles, liquidity management and schemes for PayNow and FAST (through a sponsor bank or an approved operator), and finalize SLAs.
  9. Post‑licensing readiness. We update BCP/DRP, the incident response plan, prepare for an on‑site MAS inspection, launch continuous monitoring and internal audit. We implement KPI dashboards for compliance and operations.
Timelines and stages for obtaining an MPI depend on the complexity of the model and the readiness of the team. In practice, COREDO clients receive approval within 6–12 months including the pre‑submission phase, which confirms the effectiveness of thorough preparation.

Cost, TCO and ROI
financial transparency begins with a detailed TCO. In our calculations we include government fees (application and annual fees for each type of service), security deposit, capitalization, expenses for the technology stack, PCI DSS/ISO 27001 compliance, salaries of key roles, external audit and internal control.

The cost of obtaining an MPI license and related expenses vary. Early‑stage businesses spend more proportionally on information security and compliance, while mature companies spend more on scaling and resiliency. To assess ROI when investing in an MPI license I use several demand scenarios, sensitivity to MDR/FX‑margin, cross‑border effects and churn benchmarks. This approach allows decisions to be made in terms of payback and NPV, not intuition.

MPI business model: products and liquidity
An MPI license for a remittance operator opens a solid foundation for cross‑border transfers, wallet top‑ups, payouts to local banks and merchant acquiring. The ability to issue e‑money under MPI adds flexibility in B2C onboarding and building savings products.

Relationships with acquiring banks and correspondents are key to the economics. We work through pre‑funding schemes, settlement cycles, cut‑off times and SLAs for chargebacks and refunds. Integration with PayNow and FAST for an MPI operator speeds up local settlements and often reduces costs on card rails, creating advantages for B2B invoicing and P2P.

In the technology roadmap there is room for merchant onboarding and KYC processes for sellers, transaction risk‑scoring, anti‑fraud and chargeback analytics. COREDO practice confirms that an API‑first approach and clear SLOs for latency reduce operational disruptions and improve merchant conversion.

AML/CFT, KYC/EDD and sanctions screening
MAS expects a comprehensive AML/CFT program for payment providers. I always start with an enterprise‑level risk assessment (RBA), covering geographies, products, channels, abuse typologies and customer profiles, including PEPs and high‑risk.

Next we form CDD processes for B2C and KYB for corporate clients, including beneficial ownership and transparency. Best practices for KYC/EDD in the B2B and B2C segments under MPI include eKYC with biometrics, automated sanctions screening against OFAC/UN/EU, adverse media and monitoring of changes in customer status in near real‑time.

Sanctions control and SAR procedures are critical. Setting up transaction monitoring and SAR for MPI is built on scenarios, thresholds and machine learning signals with manual verification. At COREDO we select regtech platforms, design triggering rules and train teams to reduce false positives without losing sensitivity.

PCI DSS technologies and BCP/DRP

The infrastructure and technologies required for MPI must comply with MAS TRM Guidelines. This includes vulnerability management, network segmentation, cryptography, logging and monitoring, as well as independent verification of integrations and changes.

Information security requirements for MPI, ISO 27001 as a management system, PCI DSS for card processing, and, where appropriate, SOC 2 for partner trust. Preparing the technology stack and APIs for PCI/PSA compatibility increases the chances of quick approval.

The incident response and business process recovery plan for MPI is formalized as a BCP/DRP with testing. I specifically insist on regular chaos tests, RTO/RPO metrics and an inventory of critical dependencies. This ensures real, not declarative resilience.

Local economic substance of outsourcing
How to ensure economic substance for MPI in Singapore: a real question for MAS. The solution lies in a combination of an office, management functions, local compliance and operations that take place on the territory of the country. The COREDO team helps determine the set of functions that truly create value and embed them in the organizational structure.

Outsourcing and risk management of third parties for MPI require contractual KPIs, audit rights, exit‑strategies and data governance. We align cloud hosting with MAS outsourcing and TRM requirements, considering data residency, cross‑border access and GDPR for EU customer personal data.

Reporting and internal audit requirements for MPI imply an independent assessment of the effectiveness of AML/CFT, information security and operational controls. For mature teams I recommend an annual independent review, which MAS views positively.

MAS: from sandbox to on‑site inspections
Regulatory interaction is better built proactively. Pre‑submission meetings with MAS help clarify PSA interpretations and the scope of services, and the MAS regulatory sandbox is a useful track for innovations if a product requires a testing period.

How to prepare for an MAS on‑site inspection? I run a dry‑run: we simulate interviews on AML, technology, incident management, check reports and logs, test onboarding samples and SAR cases. Continuous monitoring and regulatory in‑person inspections go more smoothly when the team is trained and the documentation is alive, not gathering dust on a shelf.

The procedure for changing license conditions and expanding activities requires separate approvals. The solution developed at COREDO includes a governance process for change management so that any new product is brought into the scope of regulatory analysis in advance.

European regulation and expansion

Opportunities to expand into European and Asian markets via MPI are real if bank correspondent accounts and partnerships are set up correctly. I often link the Singaporean platform to a European strategy, where PSD2 and local regulatory requirements for payment institutions and e‑money issuers apply.

The impact of PSD2 and European regulation on MPI models for expansion is expressed in requirements for open APIs, SCA and third‑party management. The COREDO team aligns security and compliance standards to avoid duplication of costs and speed up time‑to‑market.

Managing currency risks and FX‑hedging for multicurrency settlements is important when launching cross‑border produktov. We use a combination of NDF/forwards and internal exposure limits to maintain margin and the SLA for execution.COREDO Case Studies: How It Works

Recently the COREDO team implemented a project for a money transfer operator focused on Southeast Asia–Middle East corridors. We structured the company in Singapore through ACRA, verified beneficial ownership, built an AML/CFT program and implemented transaction monitoring. The client obtained a Major Payment Institution license in Singapore, integrated with PayNow/FAST through a sponsor bank and opened correspondent accounts. After six months of operations the project reached its planned take‑rate and reduced execution costs by 18% through optimization of settlement cycles.

Another project was a payments aggregator for marketplaces, where the business model required merchant acquiring and issuing e‑money balances for sellers. The solution developed at COREDO combined a PCI DSS‑compliant architecture, KYB onboarding with eKYC and sanctions screening, as well as a roadmap for ISO 27001. MAS approved the model on the condition of an independent internal audit after 12 months, for which we prepared the client.

The third example is a fintech with a crypto on/off ramp that operated as a VASP in certain markets, while in Singapore it focused on fiat remittance and merchant acquiring under the PSA. We separated the regulatory perimeters, built EDD for high‑risk customers and put in place a policy on legal risks of tokenized assets. This allowed maintaining access to correspondent banks without increasing sanctions exposure.

KPIs for Scaling

Key KPIs for assessing the effectiveness of MPI operations include volume growth, authorization conversion, take‑rate, net revenue retention, churn, fraud ratio and SLA for settlement. I recommend quarterly product and compliance reviews to catch trends early and adjust monitoring rules.

The term and renewal conditions of an MPI license depend on compliance with reporting and inspection outcomes. Post‑licensing MAS reviews focus on incidents, outsourcing and changes to the business model. COREDO’s practice confirms that regular training and a compliance culture reduce operational risks and speed up the approval of new initiatives.

Exit scenarios from the MPI business and portfolio transfer require pre‑defined options: portfolio sale, merger, license surrender. We work through legal and operational steps to protect clients and partners for any strategic decision.

Pre‑submission Checklist
Before clicking “submit” to MAS, I go through an internal checklist. This approach saves weeks of back-and‑forth and prevents critical failures.

  • Business model: PSA services are clearly described, target markets and FX risks are justified, the financial model confirms sustainability.
  • Ownership and Fit and Proper: the structure is transparent, sources of funds are verified, directors’ and beneficiaries’ dossiers are complete.
  • AML/CFT: the RBA is complete, CDD/EDD procedures are ready, sanctions screening is configured, SAR processes are tested.
  • Technology: architecture is documented, PCI DSS/ISO 27001 roadmap in progress, TRM controls mapped, BCP/DRP tested.
  • Outsourcing: contracts include audit rights, SLAs and exit clauses, supplier due diligence completed.
  • Banking relationships: draft agreements with acquirers/correspondents are agreed, settlement and liquidity calculated.
  • Documents for MAS: forms, attachments, policies and reports are up to date, answers to expected queries are ready.

How COREDO Strengthens the Project
I structure support so that the client sees a clear trajectory. First, the strategic choice between Standard PI and MPI, assessment of the time horizon, costs and risks. Then, creating substance and organizational design, preparing the business plan and financial model, the compliance program and the technology project.

The COREDO team integrates regulatory experience, product analytics and security engineering practices. We engage vetted CaaS providers, regtech platforms, auditors and payment infrastructure. At the final stage we support the dialogue with MAS, prepare for on‑site inspections and help launch operational reporting.

Our approach is simple: predictability, proven methodologies and personal accountability. This reduces the risk of missed deadlines and allows teams to focus on product and customers, not bureaucracy.

MPI in Singapore: a Strategic Asset

An MPI license in Singapore is not a line in an investor deck. It’s the business architecture: a thoughtful governance model, sound AML/CFT, strong banking relationships and a technology platform with clear SLAs and security at the PCI DSS/ISO 27001 level.

The COREDO team has guided clients through the full cycle: from ACRA registration and pre‑submission with MAS to integration with PayNow/FAST and on‑site inspections. We see how a Payment Services Act (PSA) Singapore license turns into sustainable volume growth, predictable margins and partner trust across Asia and Europe. If you are considering the MPI path, embed risk management, economics and technology from day one, and licensing will become a catalyst for scaling rather than a brake.

I’m ready to discuss your business model, align it with MAS requirements and assemble a roadmap — from application to first transactions. At COREDO we value entrepreneurs’ time and focus, so every decision is tied to metrics and every document serves a real purpose: to accelerate the product’s route to market and maintain quality at international standards.

I have been leading COREDO since 2016 and often see strong products stall in Latin America because of two factors: choosing the wrong acquiring model and underestimating local regulatory and technical nuances. The COREDO team has implemented dozens of projects in the EU, the UK, Singapore and Dubai, and in recent years: in Brazil and Mexico. This has allowed us to develop tools that shorten time-to-market, lower MDR and increase authorization rate without compromises on compliance.

In this article I have compiled operational best practices for e‑commerce, marketplaces, fintech companies and subscription services. The text is both strategic and applied: from choosing a model (local vs international acquiring) to specific KPIs, fraud rules, onboarding checklists and our migration practice from foreign PSPs to local acquirers.

Local acquiring in Latin America

Illustration for the section «Local acquiring in Latin America» in the article «Card Acquiring in Latin America Brazil and Mexico»

Latin America: one of the fastest-growing online payments markets, and acquiring in Latin America requires local thinking. Card acquiring in Brazil and card acquiring in Mexico work differently than in Europe or Asia: a strong role of local schemes (ELO, Hipercard), alternative methods (Pix, Boleto, Oxxo Pay) and the specifics of address scoring.

International acquiring Brazil/Mexico is attractive for its ease of getting started, but often loses conversion: issuing banks in LATAM are more likely to decline cross-border transactions. In e-commerce this hits the authorization rate and raises the decline rate without objective reasons. COREDO’s practice confirms: local routing and local payment methods deliver a conversion increase of 10–25% compared with pure cross-border.

Acquiring: local vs international

Illustration for the section 'Acquiring: local vs international' in the article 'Card Acquiring in Latin America Brazil and Mexico'

The choice between local and international acquiring directly affects conversion, MDR level and the risk of encountering hidden fees. Let’s look at the advantages local acquiring provides in Brazil and how that is reflected in the final price and decline rates.

Acquiring in Brazil: advantages

Local acquiring in Brazil provides direct access to ELO and Hipercard, support for installments (parcelado) and precise risk scoring taking into account ZIP codes and device fingerprinting. A solution developed at COREDO for a fashion retailer showed an approval rate increase from 67% to 86% after switching to local processors Cielo and Rede, taking into account EMV 3‑D Secure 2 (3DS2) and tokenization.

With local acquiring it’s easier to connect Pix and Boleto bancário, which covers the “cash” segment and customers without cards. This is especially important in regions and the suburbs, where card penetration is lower and the share of Pix and Boleto is higher than in megacities.

Advantages of local acquiring in Mexico

In Mexico, local acquiring increases card approvals by taking into account Banxico rules and local behavioral analytics. Integration with PSPs in Mexico allows adding Oxxo Pay and SPEI/CoDi, which provides a noticeable uplift in conversion for marketplaces and digital services.

For offline, POS acquiring and terminals in Mexico are no less important than the online channel: support for EMV, contactless and NFC is better validated through a pilot in two or three states: authorization dynamics outside the city and in the capital differ. Our experience at COREDO showed that calibrating fraud rules by region reduces the false positive rate by 15–20%.

MDR and hidden fees: where percentages are lost

MDR fees in Brazil and MDR fees in Mexico depend on MCC, average ticket, chargeback profile and local payment methods. In Brazil, parcelado increases the total cost of ownership of acquiring due to financing of installments. In Mexico, cash via Oxxo Pay adds fixed fees.

Hidden acquiring fees in Latin America are often hidden in FX conversion (BRL/MXN to USD), fees for early settlement (T+0) and additional percentages for high‑risk MCCs. The COREDO team usually requests a full breakdown of unit economics: interchange, scheme fees, acquiring markup, rolling reserve, collateral and settlement fees, to avoid surprises and correctly calculate ROI.

Conversion: local/international

The comparison of local and international acquiring by conversion is almost always in favor of local. Authorization rate in Brazil and Mexico increases due to:

  • local routing to Cielo, Rede, Getnet, PagSeguro;
  • support for local schemes (ELO/Hipercard);
  • 3DS2 according to issuers’ regional rules and soft declines retry logic.
On one project the decline rate fell from 24% to 11% after implementing re‑processing and retry logic with local timeouts. This is a case where upgrading scoring and routing produced a noticeable effect without a sharp increase in fraud.

Regulation and Licensing

Illustration for the section 'Regulation and Licensing' in the article 'Card Acquiring in Latin America: Brazil and Mexico'

An analysis of the regulatory framework and licensing requirements shows which legal and operational standards govern the work of financial institutions across different jurisdictions. The section sequentially examines practical examples and regulatory reporting, in particular the approach of the Banco Central do Brasil and the specifics of Brazilian supervision.

Central Bank of Brazil Reporting

Acquiring regulator: Banco Central do Brasil. For payment service providers and acquirers a licensing and reporting regime applies, including capital requirements, risk management and information security. A separate layer is LGPD as the basis for data privacy and data localization.

KYC/AML requirements for merchants in Brazil include CDD, PEP screening and ongoing transaction monitoring. Suspicious transactions are reported through channels established by the regulator (local equivalents of SAR) involving COAF. In COREDO projects we embed these flows at the process design stage to avoid revisiting the architecture months later.

Banxico and CNBV in Mexico

In Mexico supervision is carried out by Banco de México (Banxico) and CNBV (Comisión Nacional Bancaria y de Valores). Regulatory requirements for acquiring in Mexico cover operational risks, PLD/FT (AML/CFT) and transaction reporting rules. For marketplaces it is important to understand the status of split settlements and the procedure for disclosing fees in statements.

KYC/AML requirements for merchants in Mexico involve identification of beneficiaries, PEP screening and automation of anomaly monitoring. Local “SAR-like” notifications are processed through national mechanisms in cooperation with financial institutions. Implementing the correct onboarding questionnaire and document checking at an early stage saves weeks during submission.

Local Registrations and Taxation

To enter the Brazilian market, a foreign seller often needs to open a CNPJ and a local legal entity, especially when using local acquiring and working with Pix/Boleto. Taxation of payments in Brazil for non-residents affects service taxes and possible withholding tax, and this needs to be modeled in advance.

In Mexico, obtaining an MX RFC often becomes a mandatory step for local settlements and issuing fiscal documents. Taxation of payments in Mexico for foreign sellers includes IVA and local withholdings for certain delivery models. At COREDO we work together with tax advisors to build a cascade of contracts and settlement flows to avoid double taxation and mismatches between VAT/IVA.

Impact of payment methods on strategy

Illustration for the section «Impact of payment methods on strategy» in the article «Card Acquiring in Latin America Brazil and Mexico»

Payment methods shape a company’s commercial and operational decisions, defining the customer experience, risks and monetization channels. Understanding their impact on strategy is especially important when assessing local innovations, for example how Pix is changing card acquiring in Brazil.

How Pix affects acquiring in Brazil

Pix: Brazil’s instant payments that changed basket composition. In low AOV categories Pix pulls share from cards, lowering the MDR, but changing decline and return behavior. In high‑ticket segments cards and parcelado still dominate, and card acquiring in Brazil remains critical.

COREDO’s practice confirms: the optimal strategy is hybrid. Pix is used as the primary offer for price‑sensitive buyers, but cards retain priority for subscriptions and installments. It’s important to set up reconciliation for Pix and cards in a single register.

Why connect Boleto, Oxxo and CoDi/SPEI?

Boleto bancário – a bank payment with delayed confirmation. It increases conversion in regions and among customers without cards, but requires careful inventory management due to confirmation delays.

In Mexico the role of CoDi (Cobro Digital) and SPEI is in instant transfers, and Oxxo Pay covers cash scenarios. Connecting local payment methods (Boleto, Oxxo Pay, Pix) expands the audience, but increases the complexity of reconciliation and risk rules. The solution developed by COREDO for a marketplace in Mexico combined CoDi/SPEI and cards into a single settlement calendar and reduced operational errors in reconciliation statements by 40%.

Processors and local schemes

Support for ELO, Mastercard, Visa, Hipercard in Brazil is mandatory. Among local processors we most often see Cielo, Rede, Getnet and PagSeguro; their behavior in terms of authorization rate differs from MCC to MCC. Correct routing between acquirer processor via ISO 8583 and, where available, ISO 20022, yields an increase in approvals and resilience.

Connection models: Merchant/PayFac/BIN

Illustration for the section 'Connection models: Merchant/PayFac/BIN' in the article 'Card Acquiring in Latin America Brazil and Mexico'

The choice of connection model — classic merchant, PayFac or BIN sponsorship — is determined by a combination of requirements for control, speed to market and operational responsibility. This determines how quickly and legally a European business can connect acquiring in Brazil, which legal and technical requirements will need to be met, and what costs will arise.

How to connect acquiring in Brazil

For a European merchant, the question “how to connect acquiring in Brazil for a European business” starts with choosing a model: a local company with a CNPJ and a local merchant account, or an international PSP with local routing. The first option takes more time but delivers the best conversion and control over MDR.

How long does it take to open a merchant account in Brazil? In COREDO’s practice — from 3 to 6 weeks for low-/mid-risk with ready PCI DSS infrastructure and transparent KYC. High-risk, installment plans and marketplace models extend the timeframe to 8–10 weeks due to underwriting and fraud testing.

Acquisitions in Mexico by a foreign company

In Mexico, “how to connect acquiring in Mexico for a foreign company” depends on having an RFC and a local bank account for settlements in MXN. Without local presence, a hybrid approach is reasonable: an international provider with a local partner and integration with Oxxo/SPEI.

How long does it take to open a merchant account in Mexico? On average 2–5 weeks for standard categories and up to 7–9 weeks for marketplaces with split settlements, when deeper Due Diligence of sub-merchants is required.

PayFac and BIN sponsorship in Latin America

The PayFac model vs a classic merchant account in LatAm is a question of scale and control. PayFac/aggregator simplifies onboarding of sub-merchants, speeds up go-live and provides ready white-label acquiring. A classic merchant account increases margin and flexibility of risk policies, but requires its own license/registration and processes.

BIN sponsorship in Latin America is becoming sought after by those building their own payment products or cards. At COREDO we support negotiations with sponsoring banks, design compliance and help to pass technical certification to shorten the path from MVP to pilot.

Underwriting: reserves and holdbacks

Underwriting and merchant due diligence in LatAm are based on MCC, AOV, CBR and chargeback history. Rolling reserves and acquiring reserves in LatAm are applied more often in high-risk and subscription models. The clearer the KYC package and refund policy, the lower the collateral and the faster the holdbacks are released.

API, PCI, EMV 3-D Secure: security

A reliable technical and security foundation is not a set of abstract requirements but a practical toolkit: APIs, PCI compliance, implementation of EMV 3‑D Secure and tokenization provide security and trust during transactions. When integrating for marketplaces and mobile applications, the correct combination of these components ensures both regulatory compliance and convenience for users.

Marketplace and application integration

Technical integration of acquiring APIs for marketplaces requires support for marketplace payments and split settlements at the acquirer/PSP level. Online for Brazil: online acquiring for marketplaces with support for parcelado, Pix and local schemes; for Mexico: compatibility with Oxxo and SPEI is required.

If the question is “how to choose an acquirer for a mobile app in Brazil”, I look at the SDK, stability of mobile 3DS2, tokenization and offline modes for contactless. Payment page conversion and UX metrics directly affect unit economics and approval cost.

PCI DSS, EMV and tokenization

PCI DSS and local compatibility for acquiring: the foundation. We determine the SAQ type, deploy P2PE on terminals and encrypt PAN on entry. EMV and contact/contactless payments in Latin America create a liability shift: in the absence of EMV, fraud liability falls on the party without EMV support.

EMV 3‑D Secure and 3DS2 for LATAM increase security and approval rate when friction is configured correctly. Tokenization and PAN tokens reduce fraud and improve UX, especially in recurring payments and apps with one‑click purchases.

Fraud management: reducing declines

Fraud management and transaction profiling are built on a combination of rules and machine learning for fraud detection. We use fraud indicators: BIN analysis, velocity rules, device fingerprinting and geo-patterns. The balance between protection and conversion is expressed in the false positive rate: reducing it directly increases revenue.

How to reduce declines in Brazil and Mexico: apply local BIN tables, multi-step retry on soft declines, correct MCCs and specialized routing by card types. Re‑processing helps recover up to 5–8% of declined attempts with proper timeouts and limits.

Operational processes: settlements and FX

In operational processes, settlements, FX management, timely reporting and regular reconciliation play a key role – the accuracy and transparency of financial flows depend on them. Particular attention is required for settlement cycles and settlement timelines, since their configuration determines how quickly and correctly positions will be closed and reports generated.

Settlement cycles: settlement timelines

Settlement cycles and settlement timelines in Brazil and Mexico vary by payment methods and providers. Cards are more often T+1/T+2, Pix and SPEI: closer to T+0/T+1, while Boleto and Oxxo have confirmation delays. Settlement lag is critical for cash‑flow: the financial model must account for schedules and possible holds.

Hedging currency settlements

FX and currency conversion in international payouts (BRL, MXN, USD) are a zone of hidden losses. Settlement currency and FX spread affect the final MDR when converted to the base currency. We set control rates, use hedging and verify chains of international transfers and correspondent banks so as not to lose margin in transit.

Data privacy and GDPR for European companies in LATAM require special attention to data localization and storage requirements. I recommend determining in advance which personal data fields are stored in the EU, and which are in Brazil/Mexico taking into account LGPD and the local regime.

Reporting, MCC and AML monitoring

Reporting requirements to Banco Central do Brasil and Banxico include operational and statistical data, as well as specific forms on payment flows. MCC and risk categorization affect limits, escalation thresholds and chargeback thresholds. A merchant registry and AML monitoring must be regularly updated: this helps pass independent audits without emergencies.

Reconciliation and accounting for cross‑border sales we build taking into account splits, refunds, chargebacks and multi‑currency reporting. Such a stack frees the CFO from manual reconciliation and reduces errors in P&L.

Chargebacks and disputes: rules and metrics

Managing chargebacks and disputes requires clear rules and precise metrics to effectively reduce losses. Below we will examine key procedures, including representment stages, and practical steps to decrease the number of disputed transactions.

Representment procedures

Chargebacks and disputes in Latin America are subject to card scheme rules, but local issuers add nuances. Chargeback and representment rules require careful documentation: proof of delivery, authorization logs, 3DS results and the history of communication with the customer.

Chargeback to sales ratio (CBR) and chargeback thresholds, key benchmarks for risk teams. When CBR increases acquirers build up reserves and may change fees. Our team configures alerts and a weekly root-cause analysis to act proactively.

Reducing chargebacks and declines

How to reduce the chargeback rate in Latin America? Combine a clear returns policy, local customer support, correct descriptors and 3DS2 with adaptive friction. For subscriptions: proactive notifications and token updates reduce disputed charges.

KPI: approval rate, average ticket and chargeback rate should be visible on a single dashboard. Decline rate analysis and soft declines combined with retry logic provide quick wins while the main fraud strategy “learns” on new data.

Subscriptions and recurring payments

acquiring services for subscriptions and recurring payments in Mexico and Brazil require stable tokenization and card update models. AOV, LTV and CAC are metrics that directly depend on the unit economics of the transaction and the cost of approval. Smart routing and local tokens reduce churn caused by declines.

COREDO case studies: what worked

COREDO case studies show what worked in practice across different markets and challenges. Below: real examples, including cost reductions and ROI growth in Brazil, with an analysis of the approaches used and results achieved.

Cost reduction and ROI growth in Brazil

One of COREDO’s projects, a digital service with international acquiring in Brazil, had a high decline rate and MDR. After migrating to a local acquirer and adding Pix the overall cost per approval fell by 18%, ROI on implementing local acquiring paid back in 4.5 months, and the approval rate increased by 17 percentage points. The ROI estimate when switching to local acquiring was based on real AOV, MDR, chargebacks and settlement lag data.

Checklist for migrating from a foreign PSP

Migration from a foreign PSP to a local acquirer – a checklist that the COREDO team uses regularly:

  • audit of MDR and all markups, including FX and early settlement;
  • comparison of authorization rates by BIN and MCC;
  • verification of 3DS2 flow and tokenization;
  • setting up split settlements and marketplace payouts;
  • tests of re-processing and retry logic on soft declines;
  • legal section: contracts, KYC, rolling reserve, SLA for disputes.
We carry out PSP integration in Brazil and PSP integration in Mexico taking into account processing technology stacks: ISO 8583 gateways, webhooks, idempotency keys and reporting. This reduces downtime risk when switching traffic.

Choosing a partner by region

M&A and due diligence when choosing an acquiring partner include checking licenses, reserves, SLAs and the 3DS/EMV roadmap. White‑label and SaaS acquiring solutions are suitable for fintech companies and marketplaces seeking to control UX without their own acquiring license.

Regional differences “city vs province” in card acceptance are noticeable: in metropolises there’s a higher share of contactless and 3DS approvals, in regions, a greater weight of Pix/Oxxo and sensitivity to timeouts. We take these observations into account in routing and scoring.

Step-by-step roadmap

Step-by-step recommendations and action plans will help structure entry into the Brazilian market and avoid common mistakes when setting up acquiring. Below is a checklist for European businesses with specific steps on legal requirements, provider selection, and integrating payment solutions in Brazil.

How to set up acquiring in Brazil

  • Legal structure: assessing the need to open a CNPJ and a local account.
  • Licensing/partnership: choosing a local acquirer/PSP (Cielo, Rede, Getnet, PagSeguro) and setting up a merchant account and merchant ID.
  • Payment methods: cards (including ELO/Hipercard), Pix, Boleto; EMV 3DS2.
  • Security: PCI DSS (SAQ scope determination), P2PE, tokenization, EMV liability shift control.
  • Technology: API/SDK, ISO 8583 compatibility, fallback routing, retry logic.
  • Risk: fraud rules, ML model, BIN analysis, velocity rules.
  • Operations: settlement cycles (T+1/T+2), rolling reserve, reconciliation and reporting in regulator format.
  • Taxes: VAT/IVA impact, withholdings, FX strategy for BRL/USD and hedging.

How to set up acquiring in Mexico

  • Registration: assessing the need for an MX RFC and a local bank account.
  • Partnership: choosing an acquirer/PSP that supports Oxxo Pay, SPEI/CoDi and 3DS2.
  • Model: PayFac/aggregator vs classic merchant with white-label capabilities.
  • Technology: marketplace payments, split settlements, webhooks, idempotency.
  • Security: PCI DSS, SAQ, EMV contact/contactless, tokenization.
  • Risk: chargeback and representment rules, chargeback thresholds, monitoring.
  • Operations: settlement currency (MXN/USD), FX conversion, correspondent banks.
  • Reporting: Banxico/CNBV requirements, merchant registry, AML monitoring and local suspicious activity notifications.

Acquiring as a growth driver, not a cost

Acquiring for e‑commerce in Latin America: it’s about strategy, architecture and execution discipline. In Brazil and Mexico the advantage comes from local acquiring with support for alternative methods, correct routing, a strong fraud stack and a transparent operating model with control of FX and settlement cycles. When all elements converge, authorization rate grows, MDR decreases relative to revenue, and chargeback risk remains manageable.

COREDO accompanies clients throughout the entire journey: from registering a company abroad, obtaining financial licenses and AML consulting to integrations with acquirers, building a PayFac model and BIN sponsorship. I see my role as shortening your path to the LATAM market, removing regulatory and technical barriers and turning payments into a sustainable competitive advantage. If you are planning a launch in Brazil or Mexico – we’ll discuss your funnel, KPIs and risks and put together a realistic roadmap with clear timelines and budget.

I have been leading COREDO since 2016, and during that time the team has guided clients through the entire process, from choosing a jurisdiction and forming a legal entity to obtaining financial licenses, setting up AML/compliance and bringing products to markets in Europe and Asia. In this article I have collected the practices and methodology by which COREDO supports projects on the way to an MNB EMI license in Hungary (Magyar Nemzeti Bank), and I also honestly describe the costs, timelines, risks and requirements. My goal is to give entrepreneurs, CFOs and product managers a clear roadmap that saves time and reduces regulatory uncertainty.

Why Hungary for EMI in 2025–2026

Illustration for the section 'Why Hungary for EMI in 2025–2026' in the article 'EMI license in Hungary – cost and timelines'
Hungary offers a clear regulatory environment, access to the EU market and a mechanism for passporting an EMI license to EU and EEA countries. The MNB (Magyar Nemzeti Bank) is known for attentive but constructive supervision: the regulator provides direct feedback, values mature models and takes a pragmatic approach to outsourcing and cloud infrastructure with appropriate controls. In practice COREDO confirms: a properly prepared dossier and a well‑calibrated business plan speed up the procedure and reduce the number of clarification requests.

An additional argument is the ecosystem of financial and banking partners, access to virtual IBAN providers, card issuing/acquiring and mature processing platforms. From the perspective of scaling within the EU, the Hungarian electronic money license (electronic money license Hungary) works predictably: after approval, passporting an EMI license within the EU from Hungary becomes an operational task rather than a separate licensing process.

PSD2 and the E-money Directive: MNB supervision

Illustration for the section 'PSD2 and the E‑money Directive: MNB supervision' in the article 'EMI license in Hungary – cost and timelines'
EMIs in Hungary are regulated at the EU level by Directive 2009/110/EC (E‑money Directive) and by PSD2 (Payment Services Directive), transposed into national legislation. These frameworks define the range of services, requirements for safeguarding clients’ funds, capital and organisational structure. COREDO’s practice shows that strict adherence to European terminology and methodologies in documents for the MNB reduces communication “noise” and speeds up approvals.

In the AML area, the package of 4th/5th/6th AML directives (EU) applies, which set requirements for KYC/KYB, sanctions screening, PEP screening, transaction monitoring and risk management. The COREDO team has implemented dozens of AML frameworks, adapting the risk model to the product and geography, and each time we see that the MNB values a risk‑oriented approach backed by measurable triggers and thresholds.

How EMI differs from a payment license

Illustration for the section «How EMI differs from a payment license» in the article «EMI license in Hungary – cost and timelines»
A comparison between an EMI license and a payment license in the EU should be made first. A payment license (PI) allows providing payment services, but not issuing electronic money. EMI, unlike PI, grants the right to issue e‑money and expands product capabilities (wallets, prepaid cards, stored value). Our experience at COREDO has shown that for models with client balances and multi-currency wallets EMI is the natural choice, whereas pure acquiring or PIS/AIS can be more effective in the PI format.

Requirements for an EMI license in Hungary

Illustration for the section «Requirements for an EMI license in Hungary» in the article «EMI license in Hungary – cost and timelines»

Minimum statutory capital EUR 350000 for an EMI (EU): a basic threshold, but in practice the regulator expects confirmation of financial resilience over a 12–36 month horizon. In addition to capital, regulatory capitalization and provisioning will be required depending on the scale of activities and the risk profile. financial resilience and stress tests of the business model are a mandatory section of the business plan, and COREDO constructs them based on the unit economics of transactional flows, seasonality and sensitivity to FX and the cost of correspondent relationships.

Fit and proper test for directors and key personnel requires an impeccable business reputation, relevant experience and genuinely engaged management in Hungary. In most cases hiring a local director for an EMI in Hungary is required; the cost depends on the candidate’s profile and starts at senior-level market rates. Internal control, an independent compliance function and an MLRO (officer for AML/CFT) are the core of the operating model, and COREDO’s practice confirms: a clear allocation of roles and regular reporting to the MNB resolves questions at the review stage.

Documents for an EMI license in Hungary

Illustration for the section "Documents for an EMI license in Hungary" in the article "EMI license in Hungary – cost and timelines"
Preparation of the dossier for the MNB EMI license – a project where completeness, logic and interconnections matter. The basic package usually includes:

  • Business model plan (business plan) for an EMI license in Hungary, including financial forecasts, stress scenarios, KPIs and unit economics. The document should speak the language of numbers, not slogans.
  • Policies and procedures: AML/CFT program and risk assessment (MLRO), KYC/KYB, transaction monitoring and trigger rules, sanctions checks and screening of lists, procedure for confirming source of funds (source of funds).
  • Requirements for internal control and the compliance function, conflict of interest management and corporate governance; provisions on independence and escalation.
  • Requirements for safeguarding e-money funds in Hungary: models of fund retention (segregated accounts vs trust accounts), custody agreements with partner banks and external confirmation of safeguarding.
  • IT security, ISO 27001 and, for card issuing/acquiring, PCI DSS; architecture, BCP/DR (business recovery and continuity plan), incident management, outsourcing of regulatory-significant functions (cloud, processing).
  • GDPR and data protection, including the role of the DPO, DPIA and the access model for personal data.
  • Registers of beneficial owners (UBO) and EU requirements, ownership structure and confirmation of transparency.
The solution developed by COREDO links the financial model with risks and IT architecture: the regulator sees how the business logic is translated into processes, controls and metrics. This reduces the risk of additional rounds of questions.

How to obtain an EMI license in Hungary

The practical instructions begin with establishing a legal entity in Hungary for an EMI. The choice of legal form for financial services depends on ownership structure and board requirements, and at this stage we prepare executive candidates and a competency matrix in advance. It is important to align the office, substance and employment contracts of key personnel, otherwise the timeline will “freeze” on formalities.

The timeframes for obtaining an EMI license in Hungary consist of several phases. The preliminary assessment (pre‑application) may take 1–2 months; the full application review takes 6 to 12 months, and in some cases longer. Processing times for EMI license applications in Hungary in 2025 will depend on MNB’s workload and the completeness of the dossier; factors affecting the processing time include the maturity level of IT and AML, evidence of banking relationships and the quality of the business‑plan. If an EMI license is refused: the reasons and remedies usually relate to an unproven model resilience, insufficient outsourcing controls, or incomplete safeguarding policies; COREDO helps structure corrective measures and a reapplication.

Cost of an EMI license in Hungary

Cost of an EMI license in Hungary: it is not a single figure but a comprehensive budget for launching an EMI company. Components of the EMI license cost (legal, IT, compliance) include:

  • Legal block: dossier preparation, corporate formation, policies and procedures, interaction with the MNB; this also includes the MNB fee for reviewing an EMI application (Hungary), the amounts of which the MNB periodically updates in its tariffs.
  • IT infrastructure and costs for an EMI in Hungary: architecture, licensing, security, integration with payment gateways and the API stack, testing and audit.
  • AML/KYC costs for an EMI in Hungary: verification providers, screening platforms, case management and data storage.
  • Hiring a local director for an EMI in Hungary, the cost of a compliance officer and MLRO, and the payroll fund for the operations team.
  • Audit and external safeguarding confirmation, annual audit costs and regulatory fees, and annual expenses of an EMI in Hungary.
Cost optimization when obtaining an EMI license in Hungary is achieved through phased IT deployment, sensible outsourcing of transaction processing for an EMI in Hungary, and using white‑label and partner solutions for a fast EMI launch. In practice COREDO structures the budget by project phases, tying payments to licensing milestones so the client can control burn‑rate and ROI.

Safeguarding in banking relationships

Requirements for the protection of client funds (safeguarding) are key to MNB’s trust. Segregated accounts in EU credit institutions ensure the separation of client funds and the EMI’s own funds, while trust accounts through partner trusts are used in some models where permitted by law and the contractual framework. Audit and external confirmation of safeguarding are mandatory; the regulator expects formal agreements with banks and a clear daily reconciliation process.

Correspondent banking relationships for EMIs require starting negotiations early. Interaction with banking partners when opening accounts is best conducted in parallel with licensing: having a letter‑of‑intent (or a draft agreement) strengthens the dossier. The COREDO team implemented a scheme with virtual IBANs and a split of roles between the custodian bank and the processing partner, which increased the model’s resilience and simplified BCP/DR.

IT infrastructure security

IT security, ISO 27001 and PCI DSS for EMIs are not a formality but an operational necessity. Integration of payment gateways and the API‑stack for scaling must account for rate limiting, anti‑fraud, real‑time monitoring and event logging. When performing card issuing, acquiring and interacting with payment schemes, it is important to plan certifications and release schedules already in the business plan.

Outsourcing of regulatory‑significant functions (cloud, processing) is permissible provided there are SLAs, audit rights and control procedures. A reserves policy and an investment policy for held funds mitigate excessive risks, and a business recovery plan and continuity measures (BCP/DR) bolster resilience to failures. The solution developed by COREDO offers a modular architecture with the ability to include white‑label partner modules and a fast transition to in‑house microservices as it scales.

Operational model of an e-money business

Profitability forecasts and the unit economics of e‑money businesses include fees for wallet issuance/maintenance, interchange income from card issuing, transaction margin and FX markup. Aligning tariffs and fees to ensure profitability must balance competitiveness and regulatory transparency. Financial resilience and stress tests of the business model help justify to the MNB that even in adverse scenarios capital and reserves cover operational needs.

Fundamental ROI metrics when launching an EMI in Hungary – LTV, CAC, share of active wallets, churn, support load and share of automated compliance. ROI metrics: LTV, CAC, transaction margin we link to licensing KPIs: onboarding speed, share of false positives in monitoring and average time to unblock legitimate operations. This linkage of performance and control strengthens the position with the MNB.

AML/CFT and compliance in operations

Preparing an AML policy and internal controls for an EMI is a process, not a ‘file in a folder’. KYC / KYB procedures and verification of beneficiaries rely on a risk assessment of jurisdictions and products, while PEP screening and rules for handling politically exposed persons establish enhanced checks and the frequency of reassessment. The process of confirming the source of funds (source of funds), transaction monitoring, and trigger rules must be digitized and testable.

GDPR compliance when processing customers’ personal data inevitably overlaps with AML logging and data storage, so access architecture and pseudonymization are important from day one. Reporting to the MNB and regulatory reports, as well as support for MNB audits and inspections, we plan in advance, including templates, registers, and responsible parties. Administrative fines and the risk of license revocation: a reality, but competent AML risk management, operational and IT risk management keep them at bay.

Passporting to European and Asian markets

The conditions for passporting an EMI license to EU and EEA countries from Hungary involve a notification procedure through the MNB and the host regulators. Timelines are usually predictable if the services, distribution channels and local AML specifics are described. A comparison of the timeframes for obtaining an EMI license in Hungary and in other EU jurisdictions shows similar ranges, but Hungary often has the edge in interaction logic and the quality of feedback.

Expanding beyond the EU requires a local assessment of the scope of services, controls over cross-border transfers and currency restrictions. In some Asian countries, regulatory sandbox programs and pilots in the EU that demonstrate mature processes and IT are useful. COREDO’s practice confirms: properly structured passporting in the EU is a springboard for negotiations in Asia.

Taxes and corporate structure for IP

Tax aspects of the EMI business model in Hungary depend on the nature of the services, the locations where they are provided and the contractual arrangements with partners. We analyze the VAT position of payment services, transfer pricing and the impact of macroeconomics and currency risks on the payments business. We choose legal forms of companies in Hungary for financial services taking into account corporate governance and protection of minority shareholders.

Legal intellectual property protection of the payment platform is important for assessment by investors and banks. Trademark registration, licensing agreements and vendor code development policies address vulnerabilities. The COREDO solution links the IP strategy with a licensing roadmap to prevent software rights conflicts at the time of inspection.

How to obtain an EMI license in Hungary

  1. Diagnostics of the model and selection of the service perimeter: we determine whether an EMI license for Hungary is required or a PI is sufficient, and where the boundaries of e‑money issuance lie. This saves months.
  2. Financial model and ROI‑hypotheses: we build scenarios, unit economics, stress‑tests and regulatory capitalization. This is the basis of MNB’s trust.
  3. Ownership structure and UBO: we simplify the chain, prepare confirmations, register the UBO. Transparency accelerates Due Diligence.
  4. Formation of the legal entity in Hungary for an EMI: we register the company, approve the articles of association, substance and office. This is the basis for hiring and contracts.
  5. Personnel framework: directors, MLRO, compliance, risk‑management; we prepare fit and proper‑packages. People are the key to authorization.
  6. Safeguarding‑architecture: bank letters of intent, account models, daily reconciliations. This reduces MNB queries.
  7. IT‑landscape: architecture, security, BCP/DR, ISO 27001/PCI DSS‑plan; integration prototype. The technical specification must be verifiable.
  8. AML/CFT: risk‑assessment, policies, monitoring scenarios, screening‑providers, reporting. This is assessed separately by the regulator.
  9. Correspondent relationships and virtual IBANs: preliminary agreements and test configurations. Banks need to see maturity.
  10. Preparation of the dossier and submission to the MNB: a single narrative, cross‑references, version control. Consistency saves rounds of questions.
  11. Communication with the regulator: prompt responses, system demonstrations, adjustments. We build the dialogue on facts.
  12. Test operation and go‑live: pilots with a limited sample, reports to the MNB, expansion of services and geographies. Quality over speed.

COREDO cases: launch scenarios

In one project the COREDO team implemented an EMI for a European fintech with multi-currency wallets and card issuing. We designed safeguarding with two custodian banks, deployed ISO 27001 and prepared for a PCI DSS audit. The timeframe for obtaining an EMI license in Hungary was 9 months thanks to a pre-approved business plan and IT readiness for demonstration.

In the second case the company built an on/off-ramp for digital assets within European regulations and required a combination of VASP registration in one EU country and an EMI in Hungary. We separated product perimeters, described an AML bridge between services and implemented sanctions screening at the level of a unified customer profile. The MNB valued the separate risk accounting and transparency of processes.

Third scenario: a rapid market entry with white-label and partner solutions for a fast EMI launch. At the start we used outsourced transactional processing and a ready virtual IBAN module, while planning our own microservices in parallel. This approach reduced the company’s overall EMI launch budget and provided predictable ROI metrics.

How to reduce the risk of refusal

Risks of refusal in issuing an EMI license by the MNB arise when the applicant fails to demonstrate the resilience of the business model, underestimates safeguarding, overloads outsourcing without controls, or leaves gaps in AML/KYC. If an EMI license is refused, we analyze the reasons and actions item by item: strengthen capital and reserves, reinforce the management team, close IT gaps and rebuild the risk-based AML. It is important to return with comprehensive changes, not cosmetic ones.

Factors affecting the processing time of an EMI application are the same: maturity of IT/AML, agreements with banks, and a transparent ownership structure. Our experience at COREDO has shown that a preventive “dry” inspection — rehearsing answers to typical MNB questions — reduces the volume of subsequent requests.

Licensing KPIs and support

Quantitative KPIs to assess the success of licensing: the number and depth of requests from MNB, the speed of their resolution, and the time from submission to decision. After licensing, reporting to MNB and regulatory reports, the share of automated checks, incident SLAs and false positives in AML monitoring come to the fore. Support during MNB audits and inspections: ongoing discipline, and COREDO helps keep documentation and processes up to date.
We track regulatory changes for 2024–2026 and their impact on the EMI business in separate briefs: revision of requirements for technological resilience, clarifications regarding outsourcing and cyber risks, and the development of reporting standards. The earlier policies and procedures are adapted, the lower the risk of administrative fines and emergency corrections.

Frequently Asked Questions

How to obtain an EMI license in Hungary? You need a registered company, capital of at least EUR 350,000, an established team, a business plan with financials and stress scenarios, comprehensive AML/IT policies, safeguarding agreements and direct communication with the MNB. A cohesive narrative and evidence that all elements work are essential.
What is the cost of an EMI license in Hungary? It consists of legal preparation, IT infrastructure, AML/KYC platforms, payroll, audits and regulatory fees. We always split the budget by phases and offer optimization options through white-label solutions and outsourcing.
What are the processing times for an EMI license application in Hungary in 2025? On average 6–12 months after submission of the full dossier plus 1–2 months for preliminary communication, but the timeline depends on the maturity of the model and the number of question rounds.
What are the key requirements for an EMI license in Hungary? Minimum capital, fit and proper for management, safeguarding, independent compliance and MLRO, managed outsourcing, an ISO 27001/PCI DSS roadmap, GDPR compatibility and high-quality reporting.
Is it possible to passport an EMI license to the EU from Hungary? Yes, the notification procedure extends services to the EU/EEA with a correct description of services and compliance with local AML specifics.

Timelines and benchmarks for the EU

Comparison of timelines for obtaining an EMI license in Hungary and other EU jurisdictions shows a similar range to countries with comparable supervision: preliminary assessment — from a few weeks, full review — most cases are completed within 9–12 months. Hungary stands out for close feedback from the MNB and the possibility of early technical demonstrations, which helps reduce residual uncertainty. The same principles are critical in any EU country: financial soundness, effective risk management, ownership transparency and technological readiness.

About figures, fees and reporting

The MNB fee for reviewing an EMI application (Hungary) and the annual charges are published by the regulator and are periodically revised. We record them in the project budgets and monitor updates to avoid discrepancies. Post-launch reporting: operational rhythm: financial and statistical forms, safeguarding confirmations, incident reports, AML disclosures and coordination for inspections. Conflict of interest management and corporate governance are kept on the board of directors’ agenda, and changes to the operating model are recorded in the notification register for the MNB.

How to prove the robustness of the MNB model

The COREDO team is preparing a supporting evidence package: scenario P&L and cash‑flow, sensitivity analysis of transaction margins to tariffs and interchange, a customer acquisition and retention plan tied to LTV/CAC, a reserves policy and regulatory capitalization. Financial stability is confirmed not only by the numbers but also by risk management – credit (for deferred settlements), operational, AML and IT. Such a package demonstrates that the company can manage uncertainty and maintain profitability.

Conclusions

I believe in a simple idea: a solid EMI business is built on three pillars — a proven financial model, managed risks and technological maturity. Hungary provides clear rules of the game and a direct door to the EU market through passporting of financial licenses in the EU/EEA. At the same time, the cost of an EMI license in Hungary and the timelines for obtaining an EMI license in Hungary remain predictable if you work to a clear plan and maintain a high standard of documentation.

COREDO: a team that speaks the language of regulators and business alike. We support projects from company registration and building compliance to entry into the markets of Europe and Asia, relying on practices and a methodology proven by dozens of licenses. If you need a concrete roadmap — from the dossier to go-live — I am ready to discuss the details and propose a project structure that will deliver results and withstand the test of time and inspections by the MNB.

LEAVE AN APPLICATION AND GET
A CONSULTATION

    By contacting us you agree to your details being used for the purposes of processing your application in accordance with our Privacy policy.