Episode 27 | What software companies should understand about risk and compliance

PayFAQ: The Embedded Payments Podcast

Oct 3 2023 • 15 mins

For expert advice on understanding risk and compliance through a PayFac-as-a-Service (PFaaS) model, you can’t go wrong with Billi Jo Wright, Chief Risk and Compliance Officer at Payrix and our special guest on this episode of the PayFAQ Embedded Payments podcast with host Bob Butler.

Billi Jo is a returning guest to the podcast, this time offering valuable insights on important risk and security questions to ask when thinking about PayFac-as-a-Service, and best practices for protecting cardholder information.

She says choosing a PFaaS partner that gives you the flexibility to create the customer experience you want is imperative, because much of the value of Embedded Payments is in how it enhances the experience with your software. It’s also critical that your payments partner is willing to learn what your software does and who your customers are. Only then can they really understand and support your growth through Embedded Payments.

You and your PFaaS partner should also be on the same page when it comes to risk and security considerations. You should ask providers if they require you to own liability for merchant loss. Billi Jo explains there are advantages either way, but it’s something you should discuss. You should also know if the provider expects you to pre-vet or underwrite your customers before enabling payments and if they provide tools to help protect your customers from data breaches.

On the flip side, she emphasizes the importance of software companies ensuring their platforms are secure and offers up best practices, like using multifactor authentication (MFA), focusing on user access management, and working with a good QSA (Qualified Security Assessor).

Listen now for all the best ways to do risk and compliance right.