(Note - all views are those of Fintech Compliance Chronicles/my personal views and not affiliated with any other organization)

Welcome to the last of our interview series from Fintech Meetup 2025. This week we share our conversation with a standout voice in the payments space - Fernando Castellanos, Chief Revenue Officer at EverC.

EverC is “focused on powering growth for the online seller ecosystem. With the world’s first fully automated, AI-driven cross-channel risk management platform, we are transforming the internet into a safe and trusted place for ecommerce. Our easy-to-use solution rapidly detects, identifies, and removes high-risk merchants; online money laundering; and fake, illegal, and dangerous products and services. We also continually monitor activity to mitigate ongoing and evolving risk. Founded in 2015, the EverC team comprises domain experts in risk intelligence, data science, fintech, payments, and financial risk.”

Some background about Fernando: “With a distinguished track record in building high-performing teams and scaling revenue for SaaS and fintech companies, Fernando brings deep expertise in risk management, fraud prevention, and business development. Prior to joining EverC, he held executive roles at Merkle Science, SheerID, and Forter, helping global organizations navigate the complexities of online risk and compliance. Fluent in four languages and based in New York City, Fernando is passionate about leveraging technology to create safer, more transparent digital marketplaces.”

I have to give Fernando a special thanks for giving me his valuable time as he was shuffling between Fintech Meetup and MRC, which was happening across the street - one conference is a lot to manage, but combine that with walking back and forth between two venues and it’s huge. Thanks yet again to Caliber for setting this up! The transcript of our discussion is below and the recording is at the beginning - enjoy:

Zarik: Fernando, tell me, as a starting point, a 30 second elevator pitch on EverC, and how you came to be in the organization?

Fernando: So we're basically an AI machine learning, company, whose sole purpose is basically enable, the payments ecosystem, digital payments ecosystem to be, safe of, transaction laundering and anything that violates, regulation, acceptable use policies, card brands, and things of that nature.

We work with, all the largest acquiring banks, in the world. Basically where we sit is, when a merchant goes to acquiring we go through the KYC/KYB, PEP, address, media, adverse media, all the screenings that everybody does, and then that merchant gets clear from that aspect.

And what happens at that point? We get sent all the URLs that that merchant wants to process payments in, and our technology basically crawls all the URLs to make sure that the website is what it's being said it is, and that there's nothing hidden in it that violates, any card scheme regulation, and things like that.

And, also we bring our graph to make sure that, hey, maybe this is Fernando and yes, this is a bookstore, and the bookstore.com is actually accurate. We also know that Fernando has, another, store that sells guns or something that may be more, big no-no for you.

And sometimes we have also service where maybe they're not providing you a URL. We've been evolving into now, helping marketplaces not only with sellers, but also with product listings.

We work with the largest marketplaces, in the world as well, where we see up to 30 million product listing. Because a seller may be a legit seller. And they upload 50,000 products. And the example is, you can sell melatonin in the US but you cannot sell it in the uk. So those are ones you're like, okay, this is not a bad stock, it's just a seller that is big, has a lot of things and is not realizing this is a big no.

But if you do it, you are gonna have the card brands or the regulator fine. Also blog posts and IP infringement and then all the things that are for sensitive adult content, weapons, drugs, things of that nature. What sets EverC apart in my view, from other vendors in the space is we came as an AI machine learning company first to tackle the problem. And I think that puts us today in a forefront to deal with Gen AI and everything this company embraced a long time ago to make sure we were ready and prepared for it.

We also have our team of, specialists who do deep dive investigations, transaction laundering investigations. We also do some, services for companies like Discover, which are their own closed loop network.

Where they want to say, okay, find me anybody who's violating my acceptable use policy. And we do that for companies like that.

Zarik: I love the fact that it's not just limited to, the KYC and KYB, but your focus on compliance-- and compliance is maybe even a limiting term-- playing by the rules of whatever ecosystem is developed. Like you're trying to get and capture all that information as well for benefit of different parties, it sounds like. That's really cool.

So we're talking about these different players in the ecosystem. We've got issuers, we've got networks, we've got acquirers, I'm sure the merchants are there as well, but let's talk about the consumer for a second, right? So, on the false positive sides, right?

Like a lot of these competitors you might have, may have perhaps more stringent models that perhaps gets one of these merchants like incorrectly flagged and then suddenly it creates a lot of tension and unnecessary back and forth. So I had read that one of the things that you had done was to actually lower these false positives in some of the case studies that I found about your company. So talk a little bit about how like CE like able to do what you do from like an accuracy perspective.

Fernando: So going back because we came, and we started as a technology company, we've been obviously improving accuracy, our speed. What allows us is because our technology helps us, with pretty short SLAs, tackle about 90% with a previous inaccuracy. And then the 10% that is more complicated, but not plain vanilla, those actually sit a little longer to make sure that we're actually not creating a bad experience. While it's not ideal for any acquirer or anybody in the ecosystem to create friction with the merchants at the end of the day, it's better to create a bad customer experience than have somebody go through the doors that shouldn't have Now, that said, like in anything else, the merchants are way more demanding and, it's forcing everybody to get faster. Like, if you look at the big ones they're tech driven, like the Stripes of the world, the Adyens, all of them, their SLAs for onboarding.

From the time you onboard to the time you're processing a payment is pretty short, and I think it's gonna get shorter. And, then that creates a problem because on one end you have to be faster on the other end, Gen AI, when it comes to individual merchants, micro merchants and things, I could very easily create 20,000 fake merchants.

So it's gonna get quite interesting to see, how our industry starts to tackle those things and at one point, you get like, "okay, what do I need to make first?" Like the SLA from a customer and client experience, right? Versus, at this point, and it's top of mind, right?

MasterCard, last week here at ABP [American Banker's Payments Forum], was talking about scams and how [with] AI, you're getting a video from your father saying, "Hey, wire me the money and I need this." You're like, "look at it, it's pretty impressive." So I think that that's the conundrum that the service providers will have to deal with, with everybody expects like at the snap of fingers, everything needs to be there now.

On the other hand, it's super sophisticated, the way criminals are actually now leveraging technology.

Zarik: Yeah. Talking about scams, so, coming back to the accessibility piece, right? Your goal is obviously to help acquirers, as you said, detect fake merchants, fraudulent merchants, et cetera. Right? Or find instances where there's some sort of issue with a merchant that maybe needs to be resolved. Especially as you mentioned you're very global in nature.

How do you make sure that your tool doesn't become unintentionally, a means to shut out, certain market or certain type of merchant through the rigor? Fairness for certain type of SMB as a consideration.

Fernando: I think in our space is we don't go into those details, meaning, it's very clear what is legal, what is acceptable by the card schemes and basically those are the frameworks. We have also what is called a rules customizer, where a client may set up a different set of rules where some of them are less risk adverse than others.

"We don't want to take gaming, we don't wanna take gambling, we don't want to take adult, we don't wanna take marijuana, which is legal in some states, some not." Some are more aggressive on that end. That's basically entirely up to the client.

Zarik: And they're the ones who have like, opted into following certain rules or set of rules.

Fernando: Their own rules, customers, whatever risk appetite they can stomach.

Zarik: And so that leads me to ask about one of your products, I think it's called Merchant View. So tell me a little bit about Merchant View, like how you should think about it from a compliance perspective. And then we can talk about the customization to the extent it exists and how, let's say an acquirer might want to leverage that customization.

Fernando: So merchant view is the merchant onboarding and merchant monitoring solution. Basically the product we've been talking about. We have two ways we can integrate. One is through an API where we can feed a customer system and they get the inputs thrown into it. Or, we have our own user interface where you can upload the URLs. The models already are in compliance with card schemes. If that applies globally, regulation, legislation, things of that nature. Now we onboard the client, we provide training on how to customize our rules, then--

Zarik: --they're basically on their own.

Fernando: Now, they may reach out to customer success and say, "Hey, can you help me. I'm trying to establish these set of rules of things." But in general, that would be under their responsibility.

Zarik: Some regulatory bodies, I don't think in the US but other jurisdictions, have brought up, "oh, some of these tools to help detect fraud can be deemed as high risk," presumably because they're worried about ability for customization.

But from your perspective you haven't gotten mixed up in any sort of regulatory inquiry for these acquirers maybe that do go too far with dropping the guardrails, right. Like, "oh, let's actually create a little bit more risk appetite" and then they get in trouble for it. It hasn't come back to you, from your experience?

Fernando: If they decide to be lax on them--

Zarik: --that's on them.

Fernando: They sometimes come to us and ask for us to do deep investigations. We'll provide the results so they can go back to it. But at the end of the day, we are a solution that is tuned to their own criteria. So if they get in trouble with the regulator for being lax about it, it's on them. Like I said, there's some clients that have a little bit more appetite on riskier portfolios, but we don't participate in that.

Zarik: That's helpful to know. And then just talking a little specifically on some of the regulatory challenges, not for yourself obviously, but for the acquirers and by extension, the merchants. So one of the things that is a big pain point sometimes in the whole AML/KYC financial crime space is false positive OFAC hits, sanctions hits.

Where you're talking about an individual, the name is close. So, how do you work with the acquirers and by extension merchants or how do you work internally to account for some of these, how do you work to minimize some of the friction that could result if somebody was just trying to take the list and literally screen their merchants as is.

Fernando: We're gonna crawl URLs right? At the end of the day. If there's no URLs, we're gonna come back and say, there's nothing. We don't touch sanctions OFAC anything like that. Those are done by the client usually prior to sending. We are sort of like the last step.

After you go through sanctions screening, adverse media and things of that nature, we don't have those issues or anticipate those issues. It's prior to bringing in our services.

Zarik: So you're an AI driven company doing machine learning for quite some time before it became like a big buzzword that everybody's talking about. In terms of how data is stored and how it's used in building this intelligence model, so to speak, is it fair to say it's almost like a consortium of data because you're working with tons of different acquirers who in turn have tons of merchants?

You might have referred to this in one of your earlier examples, but do you run into cases where because you worked with one acquirer who has information and maybe you have a stored result for that merchant, that you come up with that same merchant for a different acquirer? Are you able to leverage that past data for the merchant and then basically use it in your decisioning for the next acquirer?

Fernando: So we do have our graph, which is basically leveraging all the data that the crawlers, accumulate throughout our big systems today. Our crawlers will start crawling, but also we ping our graph and say, okay, what do we know about this? So we do leverage.

Zarik: Also it sounds like Market View is the other tool for the marketplace. So just a brief overview of that.

Fernando: What we do is we work with the marketplaces and it's by product listing and categories.

Categories could be pharmaceuticals, contract bids, knockoffs, weapons. So those are the categories and then they send us, so when you go to marketplace and you go through the process, then you put it before it gets published, the marketplace sends it to us. We screen it and we say this violates copyright infringement as a knockoff, or we say, good to go.

And then, we earned the trust with some of the largest marketplaces to take our decision and just basically publish. The way marketplaces control it is you cannot make a change to the product listing. But if you do, you go through the same process.

"I'm gonna put a real Louis Vuitton and then I'm gonna change it to a knock off. Then it has to go back to the present."

Zarik: It's good change management, clearly. And, one other thing I wanted to ask is, we're talking about change management, let's maybe keep it specific to market view and marketplaces. You were talking about in the context of merchants, right? Like the acquirers have the card rules, they're responsible from your perspective for staying up to date with regulations, requirements, et cetera, for Market View, let's say. Some of these restrictions, especially in different jurisdictions, they change, what's your process for staying up to date with those requirements as they either A, become stricter, or B, become looser?

Fernando: So we have a team, that sits, under our, head of risk and basically, stays on top of all these regulations globally to make sure that we focus on the regulated markets, which today includes the US and the European Union. So we stay on top of those things and make sure that the models are fine tuned to the regulations.

And again, the card schemes basically are the most important, tunings that our clients care about. For the longest time, marketplaces were saying, "Hey, seller come in, buyer come in and they match. I'm not responsible for the transactions, buying something that is illegal," now that's not flying anymore.

Fernando: Regulation said that you are responsible for making sure that your marketplace is offering things that are actually within-- and that's why it's prompting a lot of this. Now a lot of the marketplaces do a first line of defense on their own. They're a tech company, so they build their own models. But there's certain categories to the places where their own models are not enough.

Because usually if a seller is gonna do bad stuff in one marketplace, most has like multiple things happening in different marketplaces, so we're able to detect that and be more effective in helping them with that.

Zarik: Last question here. Thinking about marketplaces and with like things like drop shipping for example, these have become quite large and complex and you have Amazon Marketplace, Facebook marketplace, what do you see as a future for the space and how do you think, others in your space will adapt as things in the overall ecosystem adapt.

Fernando: I don't have an answer and I don't think Amazon has the answer either, right?

There's two steps. One is, we are on the front end making sure that the listing is legit, like it's a legit product and it's authentic and that's it. Right? And then the transaction comes through. The problem is at that point we don't control that the seller actually puts the right product or ships something and the only way, is with central distribution centers controlling. Because otherwise, I think at one point probably AI would be like, okay, take a picture of the package and I get it and somehow AI will keep the picture. Like I took the picture of the package I'm shipping you and it's encrypted and you will take a picture that you got and somehow the platform saying it is a product that was shipped, right? I'm guessing it's a ways before we head in that direction. It's a little bit where, for example, companies like, Nike are focused on technology that allows them to make sure to avoid the lost product and here's how we're going to tackle that. But you're talking about a multi-billion dollar problem.

Zarik: Very insightful. Well, it's been a pleasure, Fernando. Appreciate your time.