Simpaisa Group Operating Model¶
Part IX: Country Operating Models¶
Sections 20–26¶
Version: 0.1 | April 2026
Document Owner: Chief Digital Officer
Classification: Confidential - Internal Use Only
Section 20: Pakistan Operations¶
20.1 Entity Profile¶
Legal Entity: PublishEx Solutions PVT Limited
Jurisdiction: Islamic Republic of Pakistan
Registered Office: Pakistan
Group Relationship: Wholly owned operating subsidiary of Simpaisa Holdings PTE. Limited (Singapore)
Tax Status: NTN (National Tax Number) registered
Trademarks: Class-36 (financial services), Class-42 (technology services), Simpaisa logo (Class-36)
Pakistan is Simpaisa's flagship and largest operating market by transaction volume, headcount, and revenue contribution. The Pakistan business represents the foundational proof of concept for Simpaisa's operating model in frontier markets: deep payment rail coverage, a branchless banking agency network, active crypto off-ramping capability, and a white-label wallet proposition, all operating under a layered licensing arrangement that is progressively being upgraded towards a fully independent Payment System Operator (PSO) licence.
The engineering organisation that builds and operates the core Simpaisa platform is embedded within the Pakistan entity, making PublishEx operationally central to the entire Group. All technology sub-teams - Pay-Ins, Pay-Outs, Portal, DevOps, SQA, and Architecture - are functionally aligned to the CTO at Group level but are physically located within the Pakistan operations.
20.2 Regulatory Landscape¶
20.2.1 Primary Regulator¶
State Bank of Pakistan (SBP) - the principal monetary and payment system regulator. SBP is responsible for licensing, oversight, and enforcement of payment system operators and payment service providers in Pakistan under the Payment Systems and Electronic Funds Transfer Act 2007 (PSEFT Act) and the SBP's Payment Systems Strategy (PSS) and regulations issued thereunder.
Financial Monitoring Unit (FMU) - Pakistan's Financial Intelligence Unit. Receives Suspicious Transaction Reports (STRs) and Currency Transaction Reports (CTRs) from reporting entities including payment service providers.
Securities and Exchange Commission of Pakistan (SECP) - corporate registry and securities regulator. PublishEx's corporate filings and directorship records are maintained with SECP.
20.2.2 Current Licensing Status¶
| Licence / Arrangement | Issued By | Counterparty / Structure |
|---|---|---|
| SBP Schedule H - Payment Aggregation | SBP | Via United Bank Limited (UBL); operating as UBL's payment aggregator |
| 1LINK Integration | 1LINK (Pvt.) Ltd | IBFT and 1Bill Push/Pull access via 1LINK membership |
| Branchless Banking Agency Agreement | SBP Framework | Agreement with licensed Branchless Banking operator for agent network access |
| PSO/PSP Licence Application | SBP | Direct own-licence application submitted and under review |
The SBP Schedule H arrangement is the operative licence under which Pakistan Pay-Ins and Pay-Outs currently run. This is a sponsored model: PublishEx operates as an approved payment aggregator under the regulatory umbrella of UBL, which holds the principal PSO licence. This arrangement is standard for fintech operators in Pakistan prior to obtaining an independent licence and imposes certain constraints - principally, that all settlement flows pass through UBL's banking infrastructure, and that UBL retains the right to review and approve new merchant categories.
20.2.3 Licence Acquisition Roadmap - Pakistan¶
EMI Licence (Electronic Money Institution): Simpaisa is pursuing acquisition of a 33.3% equity stake in an existing EMI-licensed entity in Pakistan. This is the mechanism for entering the white-label wallet and stored-value products space under SBP's EMI regulatory framework. An EMI licence permits the issuance of electronic money, the operation of payment accounts, and the provision of associated payment services to consumers - the regulatory prerequisite for offering clients a fully operational white-label wallet product. The acquisition process is in progress.
Own PSO/PSP Licence: A direct application for a Payment System Operator and/or Payment Service Provider licence under SBP's own-licence framework has been submitted. Upon approval, this would allow PublishEx to operate payment aggregation independently, removing the dependency on UBL's Schedule H umbrella and unlocking the ability to directly onboard merchants, execute bilateral settlement agreements with payment operators, and expand product scope without requiring sponsor bank approval.
20.2.4 AML/CFT and Financial Crime Compliance¶
Pakistan operations are governed by: - AML/CFT/PF Policy - PublishEx Solutions PVT Limited (existing Group policy document, jurisdiction-specific) - PublishEx Sanctions Policy (existing Group policy document) - FATF Mutual Evaluation Framework - Pakistan was subject to FATF scrutiny and placed on the FATF Grey List; it was removed in October 2022 following significant AML/CFT reforms. Residual heightened due diligence requirements apply to certain correspondent banking relationships and to enhanced monitoring of high-risk customer segments. - FMU Reporting Obligations - PublishEx is a designated non-financial business and profession (DNFBP) reporting entity under the Anti-Money Laundering Act 2010 (AMLA) and is required to file STRs and CTRs with the FMU. - SBP AML/CFT Guidance - SBP has issued payment system-specific AML/CFT guidance applicable to PSOs and payment aggregators.
20.3 Products and Services¶
Pakistan operates the broadest product suite of any Simpaisa market.
| Product | Status | Notes |
|---|---|---|
| Pay-Ins (Collections) | Active | Full payment method coverage - see 20.5 |
| Pay-Outs (Disbursements) | Active | Wallet, IBFT, OTC |
| Remittance Inflows | Active | Cross-border inflows from Canada (Simpaisa CA / Commerce Plex) and UK (Commerce Plex) corridors |
| Crypto Off-Ramping | Active | USDT → PKR via Binance partnership |
| White-Label Wallets | Active / Expanding | Under EMI licence acquisition process; existing wallet product live |
20.3.1 Pay-Ins - Payment Methods¶
| Payment Method | Category | Operator / Rail | Network Coverage |
|---|---|---|---|
| Easypaisa | Mobile Wallet | Telenor Microfinance Bank | Nationwide |
| JazzCash | Mobile Wallet | Mobilink Microfinance Bank | Nationwide |
| HBL Konnect | Mobile Wallet | HBL (Habib Bank Limited) | Nationwide |
| Alfa | Mobile Wallet | Askari Bank | Nationwide |
| Direct Carrier Billing - Mobilink | DCB | Jazz (PMCL) | Nationwide |
| Direct Carrier Billing - Telenor | DCB | Telenor Pakistan | Nationwide |
| Direct Carrier Billing - Ufone | DCB | PTCL Group | Nationwide |
| Direct Carrier Billing - Zong | DCB | China Mobile Pakistan | Nationwide |
| OTC (Over-the-Counter) | Cash Collection | 2,500+ retail agents | Urban and semi-urban |
| IBFT via 1LINK | Bank Transfer | 1LINK inter-bank network | All member banks |
| Cards (Visa / Mastercard) | Card Payments | International acquiring | Online merchants |
Pakistan is the only market in the Group where Direct Carrier Billing is active across all four mobile network operators simultaneously. This provides coverage for consumers without bank accounts or mobile wallets - a significant addressable segment in Pakistan's semi-urban and rural population.
20.3.2 Pay-Outs - Disbursement Rails¶
| Disbursement Rail | Method | Typical Settlement |
|---|---|---|
| Mobile Wallet Push | Easypaisa, JazzCash, HBL Konnect, Alfa | Near real-time |
| IBFT Push (1LINK) | Bank-to-bank transfer | T+0 to T+1 |
| OTC - Branchless Banking | Agent cash-out via BB agreement | Same day |
| Card Payouts | Visa / Mastercard push | T+1 to T+2 |
20.3.3 Crypto Off-Ramping¶
The Pakistan crypto off-ramping product enables clients - typically individual high-value remitters or institutional virtual asset holders - to convert USDT (Tether) into PKR and receive funds via their preferred Pakistani payment rail. The operational flow is:
- Client transfers USDT to Simpaisa's designated wallet address via the Binance platform.
- Simpaisa confirms receipt and locks in the PKR conversion rate (based on prevailing USDT/PKR market rate inclusive of Simpaisa's FX spread).
- Simpaisa liquidates the USDT position and credits the PKR equivalent to the client via their nominated disbursement method (wallet, IBFT, or OTC).
This product operates under Simpaisa's Group AML/CFT framework with enhanced due diligence applied to all virtual asset transactions, consistent with FATF Recommendation 15 and the Travel Rule obligations applicable to virtual asset service providers. SBP's position on virtual assets in Pakistan is evolving; the crypto off-ramp operates in a grey regulatory zone and is subject to ongoing monitoring of SBP's virtual asset regulatory developments.
20.4 Local Organisational Structure¶
20.4.1 Country Leadership¶
| Name | Role | Reporting Line |
|---|---|---|
| Noor Ali | Country Head Pakistan | Direct report to CEO |
Noor Ali serves as Country Head for Pakistan and a member of the Group Executive Leadership Team, with full P&L accountability for the Pakistan business and responsibility for Group-wide payments operations. Pakistan's status as the Group's operational centre of gravity is reflected in this senior mandate.
20.4.2 Pakistan Operations Function¶
The Pakistan operations function (under the Country Head Pakistan) encompasses:
- Settlements and Reconciliation - management of end-of-day settlement processes, three-way reconciliation (internal ledger, payment operator, merchant), and break resolution
- Partner Support - first-line support for payment operator partners (wallet operators, acquiring banks, 1LINK, MNOs), including issue triage, escalation management, and SLA monitoring
- Agent Network Management - oversight of the 2,500+ OTC retail agent network under the Branchless Banking Agency Agreement
20.4.3 Technology Function (Shared / Co-Located)¶
The entire Group Technology organisation (CTO, Pay-Ins team, Pay-Outs team, Portal team, DevOps, SQA, Architecture) is physically embedded within the Pakistan operation but reports to Group-level functional leadership. Pakistan is effectively the Group's technology hub. This creates an operational concentration risk that is mitigated by the implementation of business continuity and disaster recovery protocols described in Section 16.
20.4.4 Local Specialist Functions¶
The following specialist functions are embedded in or closely aligned with the Pakistan operation:
- Regulatory Affairs - Shoukat Bizinjo (Global Head of Regulatory Affairs) leads all SBP licence engagements, EMI acquisition process, and PSO/PSP application
- Financial Crime Compliance - Pakistan-specific AML/CFT compliance function, operating under the Group Compliance Framework with Pakistan-specific addendum
- Treasury - Pakistan PKR float management, pre-funding of OTC and wallet disbursement pools, FX position management (USD/PKR)
20.5 Banking and Payment Partners¶
| Partner | Role | Relationship Type |
|---|---|---|
| United Bank Limited (UBL) | Principal PSO sponsor; settlement bank for Pay-Ins | SBP Schedule H arrangement |
| 1LINK (Pvt.) Ltd | IBFT and 1Bill infrastructure | Direct integration |
| Telenor Microfinance Bank | Easypaisa wallet operator | Direct integration |
| Mobilink Microfinance Bank | JazzCash wallet operator | Direct integration |
| Habib Bank Limited (HBL) | HBL Konnect wallet; correspondent banking | Direct integration |
| Askari Bank | Alfa wallet operator | Direct integration |
| Jazz (PMCL) | DCB - MNO | Direct integration |
| Telenor Pakistan | DCB - MNO | Direct integration |
| PTCL / Ufone | DCB - MNO | Direct integration |
| China Mobile (Zong) | DCB - MNO | Direct integration |
| Binance | Crypto off-ramp partner | Commercial agreement |
| Branchless Banking licensed operator | OTC agent network access (2,500+ agents) | BB Agency Agreement |
20.6 Country-Specific Compliance¶
20.6.1 AML/CFT Framework¶
PublishEx operates under a dedicated AML/CFT/PF policy tailored to Pakistan's regulatory requirements under the Anti-Money Laundering Act 2010, the SBP's AML/CFT/CFP Regulations for Payment System Operators, and the FMU's reporting guidance. Key programme elements include:
- Customer Due Diligence (CDD): CNIC-based identity verification for consumer transactions; enhanced due diligence (EDD) for merchants, high-value transactors, Politically Exposed Persons (PEPs), and virtual asset clients
- Transaction Monitoring: rule-based and behavioural monitoring for structuring, velocity anomalies, smurfing patterns, and crypto-linked risk indicators
- STR/CTR Filing: real-time STR submission to FMU; CTR for cash transactions exceeding PKR 2.5 million
- Sanctions Screening: all transactions screened against UN, OFAC, EU, and HMT sanctions lists via Eastnets; Pakistan's national sanctions list and FMU proscribed list applied additionally
- Record Keeping: five-year minimum retention of transaction records and CDD documentation per AMLA requirements
20.6.2 Data Protection¶
Pakistan's primary data protection framework for technology operators is the Prevention of Electronic Crimes Act 2015 (PECA) and associated SBP data localisation guidance, which requires that payment transaction data relating to Pakistani consumers be stored within Pakistan's territorial jurisdiction. PublishEx maintains data residency compliance within its AWS Pakistan region infrastructure. The Personal Data Protection Bill (when enacted) will impose additional obligations currently anticipated to align broadly with GDPR principles.
20.6.3 Tax Compliance¶
PublishEx is NTN-registered and files statutory tax returns with the Federal Board of Revenue (FBR). The Pakistan entity is subject to corporate income tax, sales tax on services, and withholding tax obligations on payments to suppliers and employees. International settlement payments to the Singapore HoldCo are subject to Pakistan's withholding tax on royalty, service fee, and inter-company payment flows under the terms of any applicable double taxation agreement.
20.7 Operational KPIs¶
The following KPIs are monitored at a country level for Pakistan operations.
| KPI | Category | Target / Threshold | Reporting Frequency |
|---|---|---|---|
| Total Payment Volume (TPV) - Pakistan | Commercial | Per Board-approved plan | Monthly |
| Transaction success rate - Pay-Ins | Operational | ≥ 95% | Daily |
| Transaction success rate - Pay-Outs | Operational | ≥ 97% | Daily |
| Reconciliation break rate | Operational | < 0.1% of transaction count | Daily |
| Settlement timeliness (% settled on time) | Operational | ≥ 99% | Weekly |
| OTC agent network uptime | Operational | ≥ 99% of agents active | Weekly |
| Average Pay-In processing time | Operational | < 30 seconds (wallet/DCB) | Weekly |
| STR filing timeliness | Compliance | 100% within 7 days of detection | Monthly |
| Sanctions screening false positive rate | Compliance | Monitored; escalation within 24 hours | Monthly |
| Crypto off-ramp transaction volume | Commercial | Per commercial plan | Monthly |
| PSO licence application progress | Regulatory | Milestone tracking | Quarterly |
| EMI acquisition completion | Regulatory | Per acquisition timeline | Quarterly |
20.8 Key Risks and Mitigations¶
| Risk | Category | Likelihood | Impact | Mitigation |
|---|---|---|---|---|
| SBP regulatory change impacting Schedule H arrangement | Regulatory | Medium | High | Active engagement with SBP; accelerating own PSO/PSP licence application |
| PKR currency depreciation and FX volatility | Financial | High | Medium | USD-denominated merchant settlement; dynamic FX spread management; daily repatriation of PKR proceeds |
| OTC agent fraud or misappropriation | Operational / Fraud | Medium | Medium | Agent vetting, transaction limits, real-time monitoring, reconciliation controls |
| SBP virtual asset regulatory change impacting crypto off-ramp | Regulatory | High | High | Monitoring SBP policy developments; maintaining flexible product architecture; client communication protocols |
| Technology concentration - Group engineering hub in Pakistan | Operational | Low | Very High | BCP/DR protocols; cloud-native architecture with AWS multi-AZ; remote access capability |
| EMI acquisition process delay or failure | Strategic | Medium | Medium | Parallel pursuit of own-licence pathway; existing wallet product maintained within current regulatory scope |
| FATF re-listing risk for Pakistan | Compliance / Correspondent Banking | Low | High | Maintained enhanced AML/CFT controls post-removal; correspondent bank relationship diversification |
| Political instability and civil unrest | Country | Medium | Medium | Operational resilience planning; remote working capability; agent network geographic diversification |
| Capital controls and PKR repatriation restrictions | Financial | Medium | High | Treasury strategy: rapid conversion and repatriation; SBP liaison via banking partners; FX hedging where available |
Section 21: Bangladesh Operations¶
21.1 Entity Profile¶
Legal Entities: 1. Simpoysha BD Limited - Simpaisa's primary Bangladeshi holding and operational entity 2. Soft Tech Innovation PVT LTD (trading as aamarPay) - Bangladeshi payment platform entity, holder of the Bangladesh Bank Payment Service Organisation (PSO) licence
Jurisdiction: People's Republic of Bangladesh
Regulatory Authority: Bangladesh Bank (central bank and payment system regulator); Bangladesh Financial Intelligence Unit (BFIU)
Group Relationship: Both entities are subsidiaries within the Simpaisa Group; aamarPay's PSO licence is the operative regulatory foundation for Bangladesh payment operations.
Bangladesh is Simpaisa's second-largest active market by product breadth and payment rail coverage. The market is notable for the density of its mobile financial services (MFS) ecosystem - bKash alone claims over 65 million registered users - and for the regulatory complexity of operating within Bangladesh Bank's PSO framework. The Group's Bangladesh strategy centres on the aamarPay PSO licence as the operative payment infrastructure, with Simpoysha BD providing the commercial and operational wrapper.
The Group is actively pursuing an M&A route to acquire a 75% controlling stake in a PSO-licensed entity for expanded direct operations, which would strengthen the Group's independent regulatory standing in the market and reduce reliance on the existing aamarPay structure.
21.2 Regulatory Landscape¶
21.2.1 Primary Regulators¶
Bangladesh Bank - the central bank and primary payment system regulator. Bangladesh Bank regulates PSOs under the Bangladesh Payment and Settlement Systems Regulations 2014 (BPSSR 2014) and has issued a series of guidance notes and circulars governing digital financial services, MFS interoperability, and foreign exchange management.
Bangladesh Financial Intelligence Unit (BFIU) - Bangladesh's Financial Intelligence Unit, operating under Bangladesh Bank. BFIU issues AML/CFT guidance applicable to PSOs and regulated financial institutions; receives Suspicious Transaction Reports (STRs).
21.2.2 Licensing Status¶
| Licence | Held By | Issued By | Status |
|---|---|---|---|
| Payment Service Organisation (PSO) Licence | Soft Tech Innovation PVT LTD (aamarPay) | Bangladesh Bank | Active |
The PSO licence held by aamarPay is the operative permission under which all Bangladesh Pay-In and Pay-Out transactions are processed. The licence permits aamarPay to act as a payment intermediary, aggregating payments across multiple channels and settling with merchants and partners.
21.2.3 Regulatory Framework - BPSSR 2014¶
The Bangladesh Payment and Settlement Systems Regulations 2014 establish the framework for licensing, operational standards, capital requirements, and reporting obligations for payment system operators in Bangladesh. Key requirements for PSO operators include:
- Minimum paid-up capital requirements (as stipulated by Bangladesh Bank)
- Maintenance of client funds in designated escrow/trust accounts with scheduled banks
- Mandatory transaction reporting and record retention
- AML/CFT compliance programme aligned to BFIU guidelines
- System audit and security assessment requirements
21.2.4 M&A Strategy - PSO Acquisition¶
The Group is pursuing the acquisition of a 75% equity stake in an existing PSO-licensed entity in Bangladesh. This acquisition, if completed, would: - Provide the Group with majority control of a PSO licence, enabling independent merchant onboarding and direct settlement relationships without dependency on the existing aamarPay structure - Expand the scope of permitted payment services - Strengthen the Group's regulatory standing with Bangladesh Bank
The transaction is subject to Bangladesh Bank approval for changes in ownership and control of a licensed PSO.
21.3 Products and Services¶
| Product | Status | Platform / Infrastructure |
|---|---|---|
| Pay-Ins (Collections) | Active | aamarPay PSO platform |
| Pay-Outs (Disbursements) | Active | aamarPay PSO platform |
| Remittance Inflows | Active | Bangladesh Bank-approved inward remittance channels |
21.3.1 Pay-Ins - Payment Methods¶
Bangladesh operates the Group's most extensive MFS channel coverage:
| Payment Method | Category | Operator | Market Position |
|---|---|---|---|
| bKash | Mobile Financial Service | BRAC Bank / bKash Ltd | Market leader (65M+ users) |
| Nagad | Mobile Financial Service | Nagad Ltd (Bangladesh Post Office) | No. 2 by user base |
| Rocket | Mobile Financial Service | Dutch-Bangla Bank (DBBL) | Established operator |
| Upay | Mobile Financial Service | United Commercial Bank | Growing |
| Tap Pay | Mobile Financial Service | Tap Pay Bangladesh | Niche |
| OK Wallet | Mobile Financial Service | One Bank | Niche |
| M-Cash | Mobile Financial Service | Islami Bank Bangladesh | Islamic MFS |
| myCash | Mobile Financial Service | Mercantile Bank | Niche |
| Cellfin | Mobile Financial Service | Janata Bank | State-owned bank |
| Dmoney | Mobile Financial Service | Dnet / Dmoney | Agent-focused |
| iPay | Mobile Financial Service | IPDC Finance | Niche |
| NPSB (National Payments Switch) | Bank Transfer | Bangladesh Bank / NPSB | Real-time interbank |
| BEFTN (Bangladesh Electronic Funds Transfer) | Bank Transfer | Bangladesh Bank / BEFTN | Batch interbank |
| Card - Visa / Mastercard / Amex | Card Payments | International / acquiring bank | Online merchants |
| EMI (Equated Monthly Instalment) | Buy Now Pay Later | 29+ member banks | Consumer credit |
The EMI channel - available across 29 or more scheduled banks in Bangladesh - is a distinctive feature of the Bangladesh market, enabling consumers to split merchant payments into monthly instalments deducted from their bank accounts. This significantly expands the addressable consumer market for higher-value digital purchases.
21.3.2 Pay-Outs - Disbursement Rails¶
| Disbursement Rail | Notes |
|---|---|
| Mobile wallet push (bKash, Nagad, Rocket, etc.) | Real-time disbursement to registered MFS accounts |
| NPSB bank transfer | Real-time interbank settlement |
| BEFTN batch transfer | Next-day batch settlement |
| EMI disbursement - 29+ banks | Structured disbursement for EMI merchants |
| OTC / agent-assisted | Via agent network where applicable |
21.4 Local Organisational Structure¶
| Name | Role | Notes |
|---|---|---|
| Sanjana Farid | Country Head - Bangladesh and Nepal | Group ELT member; dual-market accountability |
| Faruk Kaysar | Deputy Country Manager - Bangladesh | Senior in-country operational lead |
| Sunny Das | Treasury Manager - Bangladesh | PKR/BDT float management and pre-funding |
| Nazmul Hassan | Manager, Reconciliation and Settlement - Bangladesh | End-of-day recon, break management |
| Ashif Rahman | Legal Counsel - Bangladesh | In-country legal support; regulatory liaison; corporate governance |
Sanjana Farid holds P&L accountability for both Bangladesh and Nepal, reflecting the operational linkage between the two markets (both are South Asian remittance-receiving corridors, both operate under similar regulatory frameworks, and both are at comparable stages of licence development). The Deputy Country Manager, Faruk Kaysar, manages day-to-day Bangladesh operations, allowing Sanjana Farid to maintain strategic oversight across both markets.
The presence of dedicated in-country treasury, reconciliation, and legal resources reflects the operational complexity of Bangladesh's multi-channel MFS environment, where same-day settlement cycles, high transaction volumes across 11 MFS operators, and the EMI programme create significant reconciliation and liquidity management demands.
21.5 Banking and Payment Partners¶
| Partner | Role |
|---|---|
| Bangladesh Bank | Regulator; NPSB and BEFTN rail operator |
| bKash Ltd | MFS wallet integration - primary channel |
| Nagad Ltd | MFS wallet integration |
| Dutch-Bangla Bank (DBBL) | Rocket MFS integration; correspondent banking |
| United Commercial Bank | Upay MFS integration |
| Islami Bank Bangladesh | M-Cash integration; potential Islamic finance channel |
| 29+ scheduled banks | EMI programme participants |
| Acquiring bank (TBC by merchant) | Card acquiring for Visa/Mastercard/Amex |
21.6 Country-Specific Compliance¶
21.6.1 AML/CFT Framework¶
Bangladesh operations are governed by Bangladesh Bank's AML/CFT guidelines for payment system operators, BFIU directives, and the Money Laundering Prevention Act 2012 and Anti-Terrorism Act 2009. Key programme elements:
- CDD: National ID (NID) and biometric verification for consumer-level transactions via MFS operators; KYB for merchants including trade licence, TIN, and beneficial ownership verification
- Transaction Monitoring: velocity monitoring across MFS channels; structured limits per Bangladesh Bank MFS transaction caps; enhanced monitoring for remittance inflows
- STR Submission: to BFIU within 30 days of detection; immediate escalation for terrorism financing indicators
- Sanctions Screening: UN, OFAC, EU, HMT sanctions lists; Bangladesh Bank watch lists
- Record Keeping: minimum five years per MLPA 2012
21.6.2 Foreign Exchange and Remittance Compliance¶
Inward remittance flows to Bangladesh are subject to Bangladesh Bank's Foreign Exchange Regulation Act (FERA) 1947 and Foreign Exchange Circular requirements. Remittances must be processed through authorised dealer (AD) banks. Simpaisa's remittance inflow model operates in partnership with licensed AD banks to ensure all inward flows are captured within the Bangladesh Bank's reporting and monitoring framework.
21.6.3 Data Protection¶
Bangladesh's primary data protection framework for ICT operators is the ICT Act 2006, as amended, and Bangladesh Bank's ICT security guidelines for financial institutions. Data localisation requirements apply to payment transaction data; aamarPay's technical infrastructure is operated within Bangladesh.
21.7 Operational KPIs¶
| KPI | Category | Target / Threshold | Reporting Frequency |
|---|---|---|---|
| Total Payment Volume (TPV) - Bangladesh | Commercial | Per Board-approved plan | Monthly |
| Transaction success rate - Pay-Ins | Operational | ≥ 94% | Daily |
| Transaction success rate - Pay-Outs | Operational | ≥ 96% | Daily |
| Reconciliation break rate | Operational | < 0.15% of transaction count | Daily |
| Settlement timeliness (% on time) | Operational | ≥ 99% | Weekly |
| MFS channel coverage (of total market) | Operational | 11 of 11 major operators | Quarterly |
| EMI programme participation (banks) | Commercial | 29+ banks | Quarterly |
| STR filing timeliness | Compliance | 100% within 30 days | Monthly |
| PSO acquisition milestone progress | Strategic | Per acquisition timeline | Quarterly |
21.8 Key Risks and Mitigations¶
| Risk | Category | Likelihood | Impact | Mitigation |
|---|---|---|---|---|
| Bangladesh Bank regulatory change to PSO framework | Regulatory | Medium | High | Active regulatory engagement via Ashif Rahman and Shoukat Bizinjo; PSO acquisition as strategic hedge |
| BDT foreign exchange controls limiting repatriation | Financial | High | Medium | USD settlement structure with AD bank partners; treasury pre-positioning |
| MFS operator concentration risk (bKash dependency) | Operational | Medium | Medium | 11-operator diversification; weighted routing across channels |
| PSO acquisition process - regulatory approval delays | Strategic | Medium | Medium | Alternative: deepen aamarPay operational integration; parallel M&A pipeline |
| EMI programme bank withdrawal | Commercial | Low | Low | 29+ participating banks provides resilience; contractual protections |
| Political instability and civil unrest | Country | Medium | Medium | Operational resilience; remote processing capability; in-country team safety protocols |
| Reconciliation complexity - 11 MFS operators + banks | Operational | High | Medium | Dedicated reconciliation function (Nazmul Hassan); automated recon tooling |
Section 22: Nepal Operations¶
22.1 Entity Profile¶
Legal Entity: Pay Nest PVT LTD
Jurisdiction: Federal Democratic Republic of Nepal
Registered Office: Nepal
Group Relationship: Subsidiary of Simpaisa Holdings PTE. Limited (Singapore)
Operative Structure: Fiduciary agreement arrangement underpins current commercial operations pending own licence issuance
Nepal is an emerging market for Simpaisa, operating at an earlier stage of regulatory and commercial maturity than Pakistan or Bangladesh. The Nepal business is structured around PSP integrations with the country's four dominant digital payment operators - Khalti, e-Sewa, IME Pay, and Paywell - enabling Pay-Ins and Pay-Outs without Simpaisa holding its own National Payments System licence from Nepal Rastra Bank (NRB). The Group is actively pursuing both an M&A acquisition of an NRB-licensed PSO target and a direct own-licence application.
Nepal is a strategically important remittance-receiving corridor: the country is among the world's top remittance-dependent economies by share of GDP, with large diaspora communities in the Gulf, Malaysia, and India. This makes Nepal an attractive market for Simpaisa's inbound remittance product, complementing the existing Canada-to-Nepal and UAE-to-Nepal corridor strategy.
22.2 Regulatory Landscape¶
22.2.1 Primary Regulator¶
Nepal Rastra Bank (NRB) - the central bank and primary payment system regulator. NRB regulates payment service providers, payment system operators, and foreign exchange under the Nepal Rastra Bank Act 2002, the Payment and Settlement Act 2019, and associated regulations and directives.
22.2.2 Capital Requirements¶
NRB prescribes minimum capital requirements for licensed payment operators:
| Licence Category | Minimum Capital Requirement |
|---|---|
| Domestic payment licence | NPR 150 million |
| Foreign-owned payment licence | NPR 250 million |
Pay Nest PVT LTD, as a foreign-affiliated entity, would be subject to the NPR 250 million (approximately USD 1.8 million) minimum capital threshold when applying for an NRB licence. This capital requirement is a key structuring consideration for the licence acquisition strategy.
22.2.3 Current Operative Structure¶
In the absence of an own NRB licence, Pay Nest PVT LTD operates under a fiduciary agreement structure that underpins commercial arrangements with PSP partners (Khalti, e-Sewa, IME Pay, Paywell). This structure enables Simpaisa to access Nepal's payment rails commercially whilst the Group's regulatory application process progresses. The fiduciary arrangement is subject to review as the Group's regulatory status evolves.
22.2.4 Licence Acquisition Roadmap - Nepal¶
M&A of PSO Target: The Group has identified an M&A acquisition target for a PSO-licensed Nepalese entity. Acquisition of a majority stake in an existing NRB-licensed operator would provide an immediate regulatory foundation and avoid the lengthy own-licence application process. The acquisition is subject to NRB approval for ownership and control changes.
Own NRB Licence: A direct application for an NRB payment licence is also being pursued in parallel, providing a fallback pathway and ensuring the Group has a fully owned regulatory asset in Nepal on the longer-term horizon.
22.3 Products and Services¶
| Product | Status | Notes |
|---|---|---|
| Pay-Ins | Active | Via PSP partner integrations |
| Pay-Outs | Active | Via PSP partner integrations |
| Remittance Inflows | Active | Inward remittance via NRB-approved channels |
22.3.1 Payment Partners - Nepal¶
| Partner | Type | Role |
|---|---|---|
| Khalti | Digital Wallet / PSP | Pay-In and Pay-Out rail |
| e-Sewa | Digital Wallet / PSP | Pay-In and Pay-Out rail |
| IME Pay | Digital Wallet / PSP | Pay-In and Pay-Out rail (IME Group - major remittance company) |
| Paywell | Digital Wallet / PSP | Pay-In and Pay-Out rail |
| Scheduled banks (via PSP partners) | Bank transfers | RTGS and ACH bank-to-bank transfers via PSP networks |
22.4 Local Organisational Structure¶
| Name | Role | Notes |
|---|---|---|
| Sanjana Farid | Country Head - Bangladesh and Nepal | Group ELT; dual-market mandate |
| Shailendra Joshi | Deputy Country Manager - Nepal | Senior in-country operational lead |
| Bishal Bajgain | Legal Counsel - Nepal | In-country legal support; NRB regulatory liaison; M&A transaction support |
Nepal operations are leaner than Bangladesh, reflecting the earlier stage of market development and the more limited (four-operator) PSP integration footprint. The Deputy Country Manager (Shailendra Joshi) manages operational and partner relationships in-country, with Legal Counsel (Bishal Bajgain) providing dedicated regulatory and legal support - critical given the active licence application and M&A processes under way.
22.5 Banking and Payment Partners¶
| Partner | Role |
|---|---|
| Nepal Rastra Bank | Regulator; RTGS system operator |
| Khalti Digital Wallet | Primary PSP integration |
| e-Sewa | PSP integration |
| IME Pay (IME Group) | PSP integration - strategic given IME's remittance network |
| Paywell | PSP integration |
| Scheduled Nepalese banks | Correspondent banking for settlement |
22.6 Country-Specific Compliance¶
22.6.1 AML/CFT Framework¶
Nepal operations are governed by the Asset Laundering Prevention Act 2008 (ALPA), NRB's AML/CFT directives for payment institutions, and guidelines issued by the Financial Intelligence Unit of Nepal (FIU-Nepal). Key compliance obligations include:
- CDD: Nepal citizenship certificate or passport verification for consumer-level transactions
- Transaction Monitoring: NRB-prescribed transaction limits; monitoring for structuring and layering
- STR Submission: to FIU-Nepal
- Sanctions Screening: UN consolidated list; NRB proscribed lists
- Remittance Compliance: FATF Recommendation 16 Travel Rule compliance for cross-border transfers
22.6.2 Foreign Exchange¶
Nepal maintains tight foreign exchange controls under NRB's foreign exchange management regulations. Inward remittances are welcomed as a macroeconomic priority (remittances account for approximately 22–25% of Nepal's GDP), but the conversion and repatriation of Simpaisa's earnings from Nepal into USD is subject to NRB's foreign exchange allocation and repatriation procedures.
22.6.3 Data Protection¶
Nepal's Privacy Act 2018 establishes a framework for personal data protection. NRB additionally issues data security guidelines for payment institutions. Localisation of payment transaction data within Nepal is expected as a regulatory requirement when Pay Nest obtains an NRB licence.
22.7 Operational KPIs¶
| KPI | Category | Target / Threshold | Reporting Frequency |
|---|---|---|---|
| Total Payment Volume (TPV) - Nepal | Commercial | Per commercial plan | Monthly |
| Transaction success rate - Pay-Ins | Operational | ≥ 93% | Daily |
| Transaction success rate - Pay-Outs | Operational | ≥ 95% | Daily |
| PSP partner coverage (of major operators) | Operational | 4 of 4 major PSPs | Quarterly |
| NRB licence / PSO M&A milestone | Regulatory | Per acquisition timeline | Quarterly |
| Remittance inflow volume - Nepal corridor | Commercial | Per commercial plan | Monthly |
| Capital readiness for NRB licence (NPR 250M) | Financial | Per fundraising plan | Quarterly |
22.8 Key Risks and Mitigations¶
| Risk | Category | Likelihood | Impact | Mitigation |
|---|---|---|---|---|
| NRB licence application or M&A approval delay | Regulatory | Medium | High | Fiduciary structure maintained as bridge; parallel own-licence pathway |
| NPR capital requirements constraining licence timing | Financial | Medium | Medium | Capital planning integrated into Group fundraising; phased capital injection structure |
| PSP partner dependency - limited to 4 operators | Operational | Medium | Medium | M&A acquisition would provide direct rail access; relationship management at senior level |
| NPR repatriation restrictions | Financial | High | Medium | Pre-funding model; NRB liaison; structured settlement cycles |
| Political instability | Country | Medium | Low | Nepal has experienced frequent government changes; business relationships maintained at operational level, not political |
| FATF and AML risk given remittance volume | Compliance | Medium | Medium | Robust CDD and monitoring programme; FIU-Nepal engagement |
Section 23: Iraq Operations¶
23.1 Entity Profile¶
Legal Entity: Simpaisa Holdings PTE. Limited - Branch Office (Iraq)
Jurisdiction: Republic of Iraq
Registered Office: Iraq (branch of Singapore HoldCo)
Group Relationship: Branch of Simpaisa Holdings PTE. Limited (Singapore HoldCo); no separate legal entity
Operative Structure: Partnership with local licensed provider for downstream payment processing; inward remittance execution via licensed correspondent bank
Iraq is Simpaisa's newest and most nascent active market. Operations are conducted through a branch office of the Singapore HoldCo rather than a separately incorporated local entity, reflecting the early-stage nature of the market, the complexity of establishing local corporates in Iraq, and the Group's preference to test the market via a lighter-touch structure before committing to full local incorporation and licensing. The target was to commence integrations with local digital wallets by Q3 2025; this timeline is subject to ongoing partner and regulatory engagement.
23.2 Regulatory Landscape¶
23.2.1 Primary Regulator¶
Central Bank of Iraq (CBI) - the monetary authority and payment system regulator. The CBI licenses and supervises electronic payment companies, money transfer operators, and banks operating in Iraq. The CBI has been actively modernising Iraq's payments infrastructure under a national financial inclusion programme, with a focus on electronic payment adoption.
23.2.2 Operative Model¶
The Group's Iraq model is not a directly licensed operation. Rather:
- Downstream processing is conducted through a locally licensed payment provider (partner), who holds the relevant CBI payment authorisation. Simpaisa acts as an upstream technology and commercial layer, routing transactions to the local partner for execution.
- Cross-border remittance flows are routed via a CBI-licensed bank with correspondent banking relationships to the Group's sending entities (Canada MSB, UK MSB).
This model mirrors the structure used in Pakistan pre-licence (Schedule H aggregator) and Bangladesh pre-aamarPay (partner-dependent), reflecting Simpaisa's standard market entry approach in jurisdictions where direct licensing is not yet in place.
23.2.3 Licence and Expansion Roadmap¶
Direct CBI licensing for a Simpaisa entity in Iraq is a medium-term objective. The immediate priority is to establish commercial traction and payment volume via the partner model, demonstrating a track record that would support a future licence application or local entity formation. The Group will assess the timeline for direct CBI engagement based on commercial performance and the evolution of Iraq's payment regulatory framework.
23.3 Products and Services¶
| Product | Status | Notes |
|---|---|---|
| Pay-Ins | In Development | Via local partner integrations (target Q3 2025 / progressing) |
| Pay-Outs | In Development | Via local partner disbursements |
| Remittance Inflows | In Development | Via licensed correspondent bank |
Target local wallet integrations include Iraq's emerging digital wallet ecosystem, subject to partner agreements and CBI approval.
23.4 Local Organisational Structure¶
Iraq does not currently have a dedicated in-country Country Head. Oversight of Iraq operations is managed by:
| Role | Name | Accountability |
|---|---|---|
| Chief Strategy and Network Officer | Bachir Njeim | Strategic partnership development; CBI engagement |
| Global Head of Regulatory Affairs | Shoukat Bizinjo | Regulatory framework navigation; correspondent bank relationships |
| CEO | Yassir Pasha | Executive sponsorship of Iraq market entry |
As operations mature and transaction volumes grow, the Group will appoint a dedicated Iraq Country Head (currently listed as TBC in the Group org chart).
23.5 Banking and Payment Partners¶
| Partner | Role | Notes |
|---|---|---|
| Local CBI-licensed payment provider | Downstream processing | Holds operative CBI payment licence; processes local wallet and bank transactions |
| CBI-licensed correspondent bank | Remittance settlement | Receives inward remittances from Canada/UK sending entities |
| Local digital wallet operators (TBC) | Pay-In and Pay-Out channels | Integration pipeline underway |
23.6 Country-Specific Compliance - Heightened Controls¶
Iraq is classified as an elevated-risk jurisdiction within the Group's risk framework. The following specific compliance considerations apply:
23.6.1 Sanctions Risk - Adjacency¶
Iraq is not itself a comprehensively sanctioned jurisdiction (unlike Iran or North Korea), but it presents significant sanctions adjacency risk due to:
- The presence of designated entities, individuals, and groups - including IRGC-affiliated entities - operating within Iraq's economic environment
- Risk of transactions involving sanctioned Iranian entities routing through Iraqi payment channels
- Potential exposure to UN, OFAC, EU, and HMT designated parties operating in Iraq's informal economy
Mitigations: - All Iraq-related transactions are subject to enhanced sanctions screening via Eastnets, with Iraq flagged as an elevated-risk jurisdiction requiring additional manual review steps - Correspondent bank selection criteria require the bank to be a reputable, international-standards-compliant institution with its own robust sanctions screening programme - The local partner's sanctions compliance posture has been subject to due diligence review prior to partnership formalisation - Transaction size limits and geographic restrictions (limiting to specific governorates where risk is assessed as lower) are applied - Transaction monitoring rules are set at lower thresholds than standard markets
23.6.2 Correspondent Banking Restrictions¶
Iraq faces ongoing correspondent banking de-risking by major international banks, which can limit the availability of USD-denominated settlement routes. Simpaisa's treasury function monitors the correspondent banking landscape for Iraq-related flows and maintains contingency banking relationships.
23.6.3 AML/CFT¶
Iraq operations are subject to the Group's AML/CFT framework with Iraq-specific enhanced controls. The Iraqi Anti-Money Laundering and Countering the Financing of Terrorism Commission (AMLCTFC) is the relevant FIU. Reporting obligations will apply upon commencement of active operations.
23.7 Operational KPIs¶
| KPI | Category | Target / Threshold | Reporting Frequency |
|---|---|---|---|
| Local wallet integration progress | Operational | Per milestone plan | Monthly |
| Partner due diligence reviews | Compliance | Quarterly at minimum | Quarterly |
| Sanctions screening - escalation rate | Compliance | 100% reviewed within 4 hours | Per event |
| TPV - Iraq (once live) | Commercial | Per commercial plan | Monthly |
| Correspondent bank availability | Financial | Primary + secondary bank available | Monthly |
23.8 Key Risks and Mitigations¶
| Risk | Category | Likelihood | Impact | Mitigation |
|---|---|---|---|---|
| Sanctions exposure via local partner or counterparty | Compliance | High | Very High | Enhanced due diligence on partner; Eastnets screening; transaction limits; manual review overlay |
| Correspondent banking de-risking | Financial | High | High | Primary + secondary correspondent banking relationships; monitor alternative settlement routes |
| Political and security instability | Country | High | High | Branch model minimises committed capital; remote management; escalation protocol for security events |
| CBI regulatory change or restriction on foreign operators | Regulatory | Medium | High | Monitor CBI developments; maintain flexibility in partner model |
| Inability to repatriate earnings in USD | Financial | Medium | Medium | Iraqi Dinar (IQD) position management; use of USD-denominated correspondent bank accounts |
| Partner performance and reliability | Operational | Medium | Medium | SLA framework in partnership agreement; contingency partner identification |
Section 24: UAE Operations and DIFC Expansion¶
24.1 Entity Profile¶
Legal Entity: Simpaisa Technologies LTD
Jurisdiction: Dubai International Financial Centre (DIFC), United Arab Emirates
Registered Office: DIFC, Dubai, UAE
Licence Type: DIFC Commercial Licence (current)
Group Relationship: Subsidiary of Simpaisa Holdings PTE. Limited (Singapore)
The UAE entity serves as Simpaisa's regional headquarters for the Middle East and North Africa. Five members of the Group Executive Leadership Team are based in Dubai's DIFC, making it the de facto executive nerve centre of the business alongside the Pakistan operational hub. The DIFC entity is currently operating under a commercial licence (permitting non-regulated commercial activities) whilst the Group pursues a DFSA Category 3D Money Services Business licence to enable regulated payment operations in and from the UAE.
The UAE is strategically positioned as: - The Group's MENA regional hub for merchant settlement and commercial operations - The anchor for the Group's Gulf Cooperation Council (GCC) expansion strategy, beginning with Saudi Arabia - A premium commercial address that strengthens the Group's positioning with international partners, correspondent banks, and institutional clients
24.2 Regulatory Landscape¶
24.2.1 Dual Regulatory Framework¶
The UAE presents a dual regulatory environment for financial services:
Dubai International Financial Centre (DIFC): - Dubai Financial Services Authority (DFSA) - the independent financial services regulator for the DIFC freezone. The DFSA licenses, supervises, and enforces financial services regulations within the DIFC. Simpaisa Technologies LTD is incorporated within the DIFC and falls within DFSA's regulatory perimeter for its proposed regulated activities.
Mainland UAE: - Central Bank of the UAE (CBUAE) - the monetary authority for the UAE mainland. The CBUAE licenses and supervises financial institutions conducting payment activities across the UAE. The CBUAE's 2023 Payment Token Services Regulation and Stored Value Facilities framework are relevant to Simpaisa's future product plans.
24.2.2 DFSA Category 3D Licence - Money Services Business¶
The Group is applying for a DFSA Category 3D licence, which authorises a firm to conduct Money Services activities within the DIFC. A Category 3D licence covers: - Providing money services (currency exchange, money transmission) - Operating a payment account - Executing payment transactions
Governance Requirements for Category 3D:
| Requirement | Detail |
|---|---|
| Non-Executive Chairman | Required; must be independent of management |
| Senior Executive Officer (SEO) | Must be resident in the UAE; responsible to DFSA for regulatory compliance |
| Money Laundering Reporting Officer (MLRO) | Required; may be combined with compliance officer role below certain thresholds |
| Compliance Officer | Required; responsible for ongoing compliance with DFSA rules |
| Board composition | Minimum two directors; independent director(s) as required |
Capital Requirements: - Minimum capital: USD 300,000 to USD 500,000 (exact amount subject to DFSA assessment based on projected activity volumes and risk profile) - Capital must be maintained at all times; reduction below minimum triggers immediate DFSA notification obligation
Operational Requirements: - Adequate systems and controls for AML/CFT, sanctions screening, transaction monitoring - Operational resilience framework - Outsourcing policy (DFSA outsourcing rules apply where material functions are outsourced) - Complaints handling procedure - Business continuity plan
24.2.3 Regulatory Engagement Strategy¶
The Global Head of Regulatory Affairs (Shoukat Bizinjo) leads the DFSA Category 3D application. Key milestones in the application process include: - Pre-application meeting with DFSA - Submission of full licence application (business plan, financial projections, governance framework, AML/CFT programme, individual applications for SEO and MLRO) - DFSA review and queries - Conditional approval and conditions satisfaction - Full licence grant
The DFSA licensing process typically takes 6–12 months from formal submission to approval, subject to the completeness of the application and DFSA's query response timelines.
24.3 Products Planned (Post-DFSA Licence)¶
| Product | Status | Notes |
|---|---|---|
| Pay-Ins (Collections) | Planned | MENA merchant settlement hub |
| Pay-Outs (Disbursements) | Planned | MENA disbursements; GCC merchant payouts |
| Remittance Origination | Planned | UAE-to-South Asia corridor origination |
| White-Label Wallets | Planned | Subject to CBUAE SVF framework in parallel |
| MENA Merchant Settlement | Planned | Regional settlement hub for GCC merchants |
The UAE entity is envisaged as the commercial and settlement hub for the Group's MENA and GCC expansion - the point through which Saudi Arabia, Egypt, Kuwait, Bahrain, Oman, and Jordan merchants will ultimately settle. This regional hub model is a central pillar of the Group's Saudi Arabia Phase 2 and Phase 3 strategy.
24.4 Local Organisational Structure¶
Five Group executives are currently based in the Dubai DIFC office:
| Name | Role |
|---|---|
| Yassir Pasha | CEO |
| Kamil Shaikh | COO |
| Bachir Njeim | Chief Strategy and Network Officer |
| Mohammad Mustafa | Global CFO |
| (Additional executive - DIFC) | TBC per Group org chart |
The UAE entity will require specific regulated role appointments upon DFSA licence grant:
| Required Role | Status | Notes |
|---|---|---|
| Senior Executive Officer (SEO) | To be appointed / designated | Must be UAE resident; likely an existing UAE-based executive |
| Non-Executive Chairman | To be appointed | Requires identification of independent candidate |
| MLRO | To be appointed | May be the existing compliance function with UAE overlay |
| Compliance Officer | To be appointed | May be combined with MLRO below threshold |
The build-out of the UAE entity's operational team - including local operations staff, compliance personnel, and commercial functions - is planned to proceed in parallel with the DFSA licence application, with full operational readiness targeted at licence grant.
24.5 Banking and Payment Partners¶
| Partner | Role | Status |
|---|---|---|
| UAE correspondent bank(s) | Settlement and treasury | To be confirmed |
| UAE domestic payment networks | Pay-In / Pay-Out rails (post-licence) | Engagement in progress |
| CBUAE payment infrastructure | Regulatory compliance infrastructure | Via licensed banking partner |
A key dependency for UAE operational readiness is the establishment of UAE-domiciled banking relationships that are willing to provide correspondent services to a DFSA-licensed Money Services Business. Banking de-risking in the UAE payments sector is a known challenge, and the Group's DIFC regulatory standing and Group compliance posture are expected to be positive factors in correspondent bank selection.
24.6 Country-Specific Compliance¶
24.6.1 AML/CFT - DFSA Requirements¶
The DFSA's AML/CFT framework is set out in the DFSA's AML module of the DFSA Rulebook, which requires DFSA-licensed firms to comply with the DIFC's AML/CFT Law (DIFC Law No. 1 of 2012, as amended) and the UAE's Federal AML/CFT legislation (Federal Decree-Law No. 20 of 2018). Key requirements include:
- Appointment of a MLRO with direct DFSA reporting obligations
- Customer Risk Categorisation and associated CDD / EDD procedures
- Transaction monitoring programme
- STR submission to the UAE Financial Intelligence Unit (uAEFIU) and CBUAE
- Compliance with the UAE's automatic exchange of information (AEOI) obligations
24.6.2 UAE Beneficial Ownership and Sanctions¶
The UAE is committed to FATF standards (UAE was on the FATF Grey List from 2022–2024 and was removed in February 2024 following significant reforms). The UAE's enhanced national action plan has produced materially strengthened beneficial ownership registers, sanctions compliance obligations (UN Security Council sanctions have direct force in UAE law), and new STR reporting requirements. Simpaisa's UAE compliance programme will be designed from the outset to meet post-grey list DFSA expectations.
24.6.3 Data Protection¶
The UAE's Federal Data Protection Law (PDPL - Federal Decree-Law No. 45 of 2021) and the DIFC's Data Protection Law (DIFC Law No. 5 of 2020, based on GDPR principles) apply to Simpaisa Technologies LTD's data processing activities within the DIFC. The DIFC data protection regime is administered by the DIFC Commissioner of Data Protection and imposes GDPR-equivalent obligations including privacy notices, data subject rights, data breach notification (72-hour window), and data processing agreements with processors.
24.7 Operational KPIs¶
| KPI | Category | Target / Threshold | Reporting Frequency |
|---|---|---|---|
| DFSA licence application progress | Regulatory | Per milestone plan | Monthly |
| SEO / MLRO / Non-exec Chair appointments | Governance | Prior to licence grant | Quarterly |
| Capital adequacy (USD 300K–500K) | Financial | Maintained at all times post-licence | Monthly |
| UAE correspondent banking relationship | Financial | Primary bank confirmed pre-licence | Quarterly |
| AML/CFT framework documentation | Compliance | Complete prior to DFSA submission | Milestone |
| TPV - UAE (post-licence) | Commercial | Per commercial plan | Monthly |
24.8 Key Risks and Mitigations¶
| Risk | Category | Likelihood | Impact | Mitigation |
|---|---|---|---|---|
| DFSA licence application delay | Regulatory | Medium | High | Early pre-application meeting; experienced regulatory counsel; comprehensive initial submission |
| Inability to appoint UAE-resident SEO or independent chair | Governance | Low | High | UAE-based executive team provides SEO candidates; external NEDs identified in advance |
| UAE correspondent banking - de-risking | Financial | Medium | High | DIFC regulatory standing as differentiator; multiple bank outreach; use of DIFC-regulated banking relationships |
| Capital adequacy post-licence (draw-down) | Financial | Low | High | Capital maintained above minimum; monitoring and top-up mechanism defined in treasury policy |
| Evolving CBUAE payment regulation | Regulatory | Medium | Medium | Monitor CBUAE regulatory developments; early engagement on CBUAE SVF licence if wallet products progress |
| Concentrated executive team (5 execs in one location) | Operational | Low | High | BCP for key person risk; remote working capability; succession planning |
Section 25: Canada and UK Operations¶
25.1 Entity Profiles¶
Canada¶
| Entity | Licence | Regulator | Permitted Services |
|---|---|---|---|
| Simpaisa CA LTD | Money Services Business (MSB) | FINTRAC | Foreign exchange; money transfers; payment services |
| Commerce Plex Limited | Foreign Money Services Business (FMSB) | FINTRAC | Foreign exchange; money transfers; virtual currency |
Both Canadian entities are registered with FINTRAC (Financial Transactions and Reports Analysis Centre of Canada), Canada's financial intelligence unit and AML/CFT regulator. The MSB registration applies to Simpaisa CA, which serves the Canadian domestic market. Commerce Plex holds an FMSB registration, which permits the business to provide money services to customers located outside Canada - the regulatory framework that governs cross-border remittance origination.
United Kingdom¶
| Entity | Licence | Regulator | Permitted Services |
|---|---|---|---|
| Commerce Plex Limited | HMRC Money Services Business | HMRC | Foreign exchange; money transfers |
Commerce Plex Limited is dual-registered: it holds an HMRC MSB registration in the UK (authorised as a money service business by HMRC under the Money Laundering Regulations 2017) and an FMSB registration in Canada. This dual registration enables Commerce Plex to originate remittances from both the UK and Canadian diaspora communities to South Asian destinations (Pakistan, Bangladesh, Nepal).
25.2 Strategic Role¶
Canada and the UK serve a singular and well-defined strategic purpose within the Simpaisa Group: they are the remittance corridor origination points for the Group's South Asia-bound transfer business. The Group does not pursue domestic payments or merchant acquiring in Canada or the UK; the businesses are corridor-focused, serving diaspora communities (primarily South Asian) who wish to send remittances to Pakistan, Bangladesh, and Nepal.
This model is capital-light relative to the receiving-market operations: the Canadian and UK MSB registrations require no minimum capital and carry relatively streamlined compliance obligations compared to, for example, a DFSA Category 3D or an NRB payment licence. The compliance burden is primarily AML/CFT in nature.
The UK presents a future opportunity for further regulatory development: as the Group pursues remittance corridors from Europe and as the DFSA licence builds credibility, the UK entity may be considered for an FCA Electronic Money Institution (EMI) or Payment Institution (PI) licence to expand the range of services that can be offered. This is a medium-term consideration, not a current priority.
25.3 Regulatory Landscape¶
25.3.1 Canada - FINTRAC¶
FINTRAC (Financial Transactions and Reports Analysis Centre of Canada) is Canada's financial intelligence unit and the MSB/FMSB regulator. FINTRAC's mandate is to facilitate the detection, prevention, and deterrence of money laundering and terrorist financing.
MSB / FMSB Registration Requirements: - Registration with FINTRAC (no capital requirement) - Implementation of a compliance programme meeting FINTRAC's requirements: compliance officer, written policies and procedures, risk assessment, ongoing training, and effectiveness review - Reporting obligations: Large Cash Transactions (LCT), Electronic Funds Transfer Reports (EFTR), Suspicious Transaction Reports (STR) - Record keeping: five-year minimum retention of transaction records and CDD documentation
Virtual Currency (Commerce Plex FMSB): Commerce Plex's FMSB registration includes virtual currency services, which imposes additional FINTRAC reporting and compliance obligations specific to virtual currency transactions - relevant should the Group extend crypto services to Canadian clients.
25.3.2 United Kingdom - HMRC¶
In the UK, money service businesses (including currency exchange, money transmission, and cheque cashing) are required to register with HMRC under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs 2017). HMRC supervises MSBs for AML/CFT compliance purposes; the FCA supervises for conduct and authorised payment institution purposes.
Commerce Plex's HMRC MSB registration permits it to conduct money transfer and foreign exchange activities. It does not hold an FCA Payment Institution authorisation, which would be required to passport services across the UK/EEA or to offer a wider range of payment services.
25.4 AML/CFT Compliance Programme¶
The Group has four existing AML/CFT policy documents covering the Canadian and UK entities:
| Policy Document | Entity | Status |
|---|---|---|
| AML/CFT Policy - Simpaisa CA LTD | Simpaisa CA | Existing - current |
| AML/CFT Policy - Commerce Plex Limited (Canada) | Commerce Plex (CA) | Existing - current |
| Anti-Fraud Policy - Simpaisa CA LTD | Simpaisa CA | Existing - current |
| Anti-Fraud Policy - Commerce Plex Limited (Canada) | Commerce Plex (CA) | Existing - current |
These policies are FINTRAC-compliant and cover the required elements: compliance officer designation, risk assessment, written procedures, training, and effectiveness review mechanisms.
UK Compliance: Commerce Plex's UK HMRC MSB obligations are covered by an AML/CFT framework aligned to the MLRs 2017. The HMRC supervisory relationship requires the business to demonstrate ongoing compliance programme effectiveness, typically via HMRC compliance visits.
25.4.1 Reporting Obligations - Canada¶
| Report Type | Threshold / Trigger | Submission To |
|---|---|---|
| Large Cash Transaction (LCT) | CAD 10,000+ in cash | FINTRAC |
| Electronic Funds Transfer (EFT) | CAD 10,000+ via wire transfer | FINTRAC |
| Suspicious Transaction Report (STR) | Reasonable grounds to suspect ML/TF | FINTRAC |
| Terrorist Property Report (TPR) | Knowledge or suspicion of terrorist property | FINTRAC |
| Casino Disbursement Report | Not applicable (not a casino) | N/A |
25.4.2 Reporting Obligations - UK¶
| Report Type | Trigger | Submission To |
|---|---|---|
| Suspicious Activity Report (SAR) | Knowledge or suspicion of ML/TF | National Crime Agency (NCA) |
| Defence Against Money Laundering (DAML) | Request for consent to proceed | NCA |
25.5 Local Organisational Structure¶
Canada and UK operations are managed with lean dedicated compliance and operations resource, given the corridor-origination nature of the business. The Group COO (Kamil Shaikh) provides operational oversight of the North American entities. Compliance functions are managed by designated Compliance Officers for each entity in accordance with FINTRAC requirements.
The Global Head of Regulatory Affairs (Shoukat Bizinjo) maintains oversight of FINTRAC and HMRC regulatory relationships and licence renewals.
25.6 Operational KPIs¶
| KPI | Category | Target / Threshold | Reporting Frequency |
|---|---|---|---|
| Total remittance volume - Canada corridors | Commercial | Per commercial plan | Monthly |
| Total remittance volume - UK corridors | Commercial | Per commercial plan | Monthly |
| FINTRAC reporting timeliness - LCT / EFT | Compliance | 100% within 15 business days | Monthly |
| STR filing timeliness - Canada | Compliance | 100% within 30 days | Monthly |
| SAR filing timeliness - UK | Compliance | 100% promptly upon suspicion | Monthly |
| FINTRAC compliance programme effectiveness review | Compliance | Annual completion | Annual |
| HMRC MSB registration renewal | Regulatory | Annual; no lapse | Annual |
25.7 Key Risks and Mitigations¶
| Risk | Category | Likelihood | Impact | Mitigation |
|---|---|---|---|---|
| FINTRAC enforcement action for reporting breach | Compliance | Low | High | Documented procedures; compliance officer accountability; quarterly internal review |
| HMRC MSB registration lapse | Regulatory | Low | High | Renewal calendar maintained by Global Head of Regulatory Affairs; 90-day advance notice |
| Corridor closure risk (Pakistan SBP, Bangladesh Bank) | Regulatory | Low | High | Diversified corridor portfolio (PK, BD, NP); regulatory monitoring in receiving markets |
| Transaction fraud - remittance | Fraud | Medium | Medium | Anti-fraud policies operational; anomaly detection on sending patterns |
| FCA authorisation requirement triggered by service expansion | Regulatory | Low | Medium | Monitor FCA perimeter guidance; obtain legal advice before expanding UK services |
| Virtual currency regulatory change - Canada FMSB | Regulatory | Medium | Medium | Monitor FINTRAC guidance on virtual assets; Commerce Plex FMSB covers current scope |
Section 26: Expansion Markets¶
26.1 Overview¶
Simpaisa's geographic expansion strategy is guided by the Group's corridor density thesis: by building density across South Asian remittance receiving markets and establishing origination points in high-diaspora geographies, the Group can offer merchants and institutional clients unmatched corridor coverage, creating network effects that are difficult for competitors to replicate. Expansion markets are selected based on a structured evaluation framework (set out in Section 26.2) and are entered via a phased model that sequences regulatory, commercial, and operational commitments appropriately.
The Group's current expansion pipeline comprises: - Saudi Arabia - most advanced; Phase 1 targeting Q2 2026 - Central Asia - Kazakhstan and Uzbekistan targeting Q1 2026 - MENA Pipeline - Egypt (existing Country Addendum), Jordan, Kuwait, Bahrain, Oman - Other markets - assessed on an opportunistic basis
26.2 Market Entry Evaluation Framework (Scorecard)¶
Before committing resources to any new market, the Group applies a standardised Market Entry Evaluation Framework. The scorecard is completed by the Chief Strategy and Network Officer (Bachir Njeim) in conjunction with the Global Head of Regulatory Affairs (Shoukat Bizinjo), the Global CFO (Mohammad Mustafa), and the relevant Country Head candidate, and is presented to the CEO and ELT for approval.
26.2.1 Scorecard Dimensions¶
Each dimension is scored 1–5 (1 = very unfavourable, 5 = very favourable). A minimum aggregate threshold score of 30 out of 50 is required to proceed to Phase 1 market entry. A score below 20 triggers a "do not enter at this time" determination.
Dimension 1: Market Size and Commercial Opportunity (max 10 points)
| Indicator | Weight | Assessment Method |
|---|---|---|
| Total addressable market (TAM) for target product lines | 4 | Remittance inflow data (World Bank); digital payment penetration reports |
| Existing merchant / partner demand signal | 3 | CRM pipeline; inbound commercial interest from merchants in that country |
| Projected corridor revenue (Year 1–3) | 3 | Financial model; comparable corridor benchmarking |
Dimension 2: Regulatory Environment (max 10 points)
| Indicator | Weight | Assessment Method |
|---|---|---|
| Availability of a viable regulatory pathway (licence, aggregator, or partner model) | 4 | Regulatory counsel assessment; CSNO / Global Head Reg Affairs review |
| Regulatory authority openness to foreign payment operators | 3 | FATF membership and mutual evaluation status; regulator engagement history |
| Estimated time and cost to regulatory authorisation | 3 | Regulatory counsel estimate; comparable licence precedent |
Dimension 3: Sanctions and Country Risk (max 10 points)
| Indicator | Weight | Assessment Method |
|---|---|---|
| FATF status (not on Grey/Black List preferred) | 3 | FATF website; Group Sanctions Policy country risk classification |
| Sanctions exposure - OFAC, UN, EU, HMT | 4 | Group Compliance review; Legal counsel opinion |
| Political stability and rule of law | 3 | Freedom House; EIU Country Risk; World Bank Governance Indicators |
Dimension 4: Operational Feasibility (max 10 points)
| Indicator | Weight | Assessment Method |
|---|---|---|
| Banking and correspondent banking availability | 4 | Treasury assessment; correspondent bank network enquiry |
| Local payment rail maturity and integration complexity | 3 | CSNO technical assessment; existing partner experience |
| Talent availability for in-country team | 3 | HR assessment; executive search scoping |
Dimension 5: Strategic Fit (max 10 points)
| Indicator | Weight | Assessment Method |
|---|---|---|
| Alignment with Group corridor density thesis | 4 | CSNO strategic assessment |
| Ability to leverage existing Group infrastructure | 3 | CTO assessment of platform adaptability |
| First-mover advantage or competitive urgency | 3 | Market intelligence; competitor mapping |
26.2.2 Scorecard Output and Decision Gate¶
| Score Range | Decision |
|---|---|
| 40–50 | Priority market - accelerate entry; allocate resources immediately |
| 30–39 | Proceed to Phase 1 - aggregator / partner model |
| 20–29 | Conditional - address identified gaps before proceeding; 6-month reassessment |
| Below 20 | Do not enter at this time; monitor |
The scorecard output is documented and retained in the Group's market entry file. It is reviewed and updated at each phase transition (Phase 1 → 2 → 3).
26.3 Saudi Arabia¶
26.3.1 Market Context¶
Saudi Arabia is the Group's highest-priority expansion market. The Kingdom is the world's second-largest remittance-sending country (approximately USD 35 billion in annual outbound remittances), with the largest share directed to South Asian corridor countries - Pakistan, Bangladesh, Nepal, and India. The GCC's Vision 2030 programme has accelerated Saudi Arabia's digital payment transformation: the Saudi Central Bank (SAMA) has issued a wave of new payment licences, the Sarie real-time payment system has achieved high interbank adoption, and digital wallet penetration is growing rapidly.
Saudi Arabia also represents a large inbound merchant payment opportunity: Saudi Arabia's e-commerce market is among the fastest-growing in MENA, and international digital merchants increasingly require Saudi payment method coverage.
26.3.2 Phased Entry Model¶
Phase 1 - Aggregator Model (Target: Q2 2026)
Entry via a locally licensed payment processor acting as Simpaisa's aggregator partner. Under this model: - Simpaisa routes transaction instructions to the local licensed partner, who executes payments under their SAMA licence - No direct SAMA licence is required in Phase 1 - Commercial: revenue is shared with the local aggregator partner under a commercial agreement - Products: Pay-Ins and Pay-Outs for international merchants targeting Saudi consumers; remittance origination from Saudi Arabia to South Asia
Operational readiness requirements for Phase 1 include: commercial agreement with local aggregator; technical API integration; SAMA-compliant transaction data handling; AML/CFT due diligence on the aggregator partner; and treasury settlement mechanism establishment.
Phase 2 - Joint Venture with Local Partner (Target: 12–18 months post Phase 1)
Establishment of a joint venture entity with a strategic Saudi partner, providing deeper market access, improved economics (reduced revenue sharing), and a stronger regulatory pathway. Candidate JV partners identified include: - D360 Bank - Saudi digital bank with digital-native infrastructure and fintech partnership appetite - MBC Group - Saudi media and digital conglomerate with large consumer base and digital commerce ambitions - Mawarid Finance - established Saudi financial institution with SAMA relationships
JV structure, equity split, governance, and operational model to be negotiated. SAMA approval will be required for any JV entity conducting regulated payment activities.
Phase 3 - SAMA Major Payment Institution Licence (Target: 24–36 months post Phase 1)
Direct application to SAMA for a Major Payment Institution (Major PI) licence, which would permit Simpaisa (or the JV entity) to independently operate as a licensed payment service provider in Saudi Arabia. The SAMA Major PI licence is the highest category of payment institution licence in Saudi Arabia and would permit the full range of payment services including account issuance, payment execution, and money remittance.
SAMA licensing requirements for a Major PI include: - Minimum capital: SAR 50 million (approximately USD 13 million) - Saudi majority shareholding or SAMA waiver - Governance requirements: board composition, compliance officer, MLRO, risk management framework - Full AML/CFT programme aligned to FATF standards - Technology and operational resilience standards
26.3.3 Commercial Opportunity¶
| Metric | Estimate |
|---|---|
| Saudi outbound remittance market (annual) | ~USD 35 billion |
| South Asia share of Saudi outbound remittances | ~50–60% (PK, BD, NP, IN) |
| Saudi e-commerce market size | ~USD 15 billion (growing 25% p.a.) |
| International merchant demand for SAR payment methods | High (MENA-facing merchants) |
26.3.4 Saudi-Specific Compliance Considerations¶
- SAMA AML/CFT Framework: Aligned to FATF standards; extensive reporting obligations including STR to SAMA and the Saudi FIU (Egmont Group member)
- Zakat, Tax, and Customs Authority (ZATCA): Corporate income tax and Zakat obligations upon entity formation
- Saudisation (Nitaqat Programme): Mandatory minimum percentage of Saudi national employees, applicable to any locally incorporated entity
- Islamic Finance Compatibility: SAMA's regulatory framework applies to all institutions; Simpaisa's merchant screening must ensure no prohibited activity categories (gambling, alcohol, adult content, interest-based financial products contrary to Shariah principles) are served via Saudi rails
26.4 MENA Pipeline¶
26.4.1 Egypt¶
Egypt is an existing Simpaisa remittance Country Addendum market, reflecting established operational engagement with the Egyptian inward remittance corridor. Egypt is the Arab world's most populous country (approximately 105 million people) and a major remittance recipient from the Gulf and Europe. The market presents opportunities for both inward remittance growth and merchant payment services.
Current Status: Egypt Country Addendum operational (remittance inflows).
Near-term opportunity: Expand Pay-Ins and Pay-Outs merchant acquiring via a local licensed aggregator or PSP partnership.
Regulatory pathway: Central Bank of Egypt (CBE) Payment Service Provider licence or aggregator partner model.
26.4.2 Jordan, Kuwait, Bahrain, Oman¶
These markets are under assessment based on merchant commercial interest signals. They share characteristics that make them attractive corridor origination points:
- Significant South Asian diaspora populations (particularly Kuwait, Bahrain, Oman)
- Active outbound remittance flows to Pakistan, Bangladesh, Nepal
- Improving digital payment infrastructure
Market entry in these jurisdictions is expected to follow the aggregator model (equivalent to Saudi Phase 1), given the Group's bandwidth constraints and the priority accorded to Saudi Arabia and Central Asia. The Market Entry Evaluation Framework scorecard (Section 26.2) will be applied to each.
| Market | Primary Opportunity | Regulatory Pathway | Priority |
|---|---|---|---|
| Egypt | Remittance inflows (active); merchant Pay-Ins | CBE PSP licence or partner | Medium - near term |
| Kuwait | Remittance origination (to PK/BD/NP) | CBUAE-equivalent / local licence | Medium |
| Bahrain | Remittance origination; merchant acquiring | CBB licence or partner | Medium |
| Oman | Remittance origination | CBO licence or partner | Lower |
| Jordan | Merchant Pay-Ins; remittance | CBJ licence or partner | Lower |
26.5 Central Asia - Kazakhstan and Uzbekistan¶
26.5.1 Market Context¶
Central Asia presents a distinctive opportunity for Simpaisa that differs from the GCC and South Asia plays. Kazakhstan and Uzbekistan are both experiencing rapid digitisation of payment systems, driven by high mobile penetration, young populations, growing e-commerce sectors, and active government fintech promotion programmes. Both countries have significant labour migration linkages - workers from Uzbekistan and Kyrgyzstan in Russia, Kazakhstan, and UAE represent material remittance flows.
A leading aggregator partner has been identified to support initial market entry in both Kazakhstan and Uzbekistan.
26.5.2 Kazakhstan¶
Target market entry: Q1 2026
Regulatory pathway: Register as a Payment Organisation under the National Bank of Kazakhstan (NBK). Kazakhstan's payment regulation (Law on Payments and Payment Systems) permits foreign-affiliated entities to operate as payment organisations subject to NBK registration. Capital requirements are lower than, for example, Saudi Arabia's SAMA Major PI.
Operative model: - Phase 1: Aggregator model via identified leading local partner - Phase 2: Register as Payment Organisation with NBK under the Group's own regulatory standing - Phase 3: Deepen product suite (Pay-Ins, Pay-Outs, cross-border transfers)
Commercial opportunity: Kazakhstan's growing e-commerce market; cross-border flows from Russia-based migrant workers; merchant payment processing for digital content platforms entering Central Asia.
26.5.3 Uzbekistan¶
Target market entry: Q1 2026 (parallel to Kazakhstan)
Regulatory pathway: Uzbekistan's payment services are regulated by the Central Bank of Uzbekistan (CBU). The CBU has issued a new framework for payment organisations under the Law on Payments and Payment Services, permitting licensed payment organisations to conduct payment aggregation and transfer services.
Operative model: Initially via the same identified aggregator partner as Kazakhstan, leveraging the partner's existing regulatory relationships in both markets.
Commercial opportunity: Uzbekistan's large labour export population (significant Uzbek diaspora in Russia, UAE, and Kazakhstan); e-commerce market growth; merchant payment processing.
26.5.4 Compliance Considerations - Central Asia¶
Both Kazakhstan and Uzbekistan are FATF members and have completed mutual evaluations, with improving AML/CFT frameworks. Key compliance considerations include:
- Russian Federation sanctions exposure: transactions with or through Russian-affiliated entities, banks, or payment rails require enhanced screening and careful structuring, particularly given the sanctions landscape post-February 2022
- Kazakhstan and Uzbekistan are not themselves sanctioned, but serve as transit jurisdictions for Russian-adjacent flows; enhanced due diligence and transaction monitoring rules are applied
- Local AML/CFT registration requirements (NBK / CBU) upon licence registration
26.6 New Market Operational Playbook¶
The New Market Operational Playbook is a standardised template that Country Heads, the CSNO, and the Global Head of Regulatory Affairs apply to every new market entry. It sequences the required workstreams from initial evaluation through to full operational go-live, ensuring that no critical dependency is missed and that regulatory, operational, compliance, technology, and commercial readiness are achieved in the correct order.
Stage 1: Market Evaluation (Weeks 1–8)¶
Owner: CSNO (Bachir Njeim)
Inputs: Market Entry Evaluation Framework scorecard, commercial pipeline data, regulatory counsel assessment
| Action | Responsible | Output |
|---|---|---|
| Complete Market Entry Evaluation Scorecard | CSNO + Global Head Reg Affairs | Scored assessment; go/no-go recommendation |
| Prepare commercial opportunity analysis | CRO / CSNO | Revenue model; TAM sizing; merchant pipeline |
| Engage regulatory counsel in-country | Global Head Reg Affairs | Written regulatory pathway assessment |
| Brief CEO and ELT | CSNO | ELT approval to proceed to Stage 2 |
Gate: ELT approval required to proceed.
Stage 2: Regulatory and Legal Preparation (Weeks 9–24)¶
Owner: Global Head of Regulatory Affairs (Shoukat Bizinjo)
Inputs: Regulatory pathway assessment; legal counsel instruction
| Action | Responsible | Output |
|---|---|---|
| Incorporate local entity or establish branch (if required) | Global Head Reg Affairs + COO | Certificate of incorporation; branch registration |
| Engage local regulatory authority (pre-application meeting) | Global Head Reg Affairs | Regulatory authority relationship established; application requirements confirmed |
| Draft and submit licence application or partner agreement | Global Head Reg Affairs + Legal counsel | Application submitted or partner agreement executed |
| Appoint local legal counsel | COO / Global Head Reg Affairs | Retainer agreement in place |
| Complete partner due diligence (if aggregator model) | Global Head Reg Affairs + Compliance | DD report; partner approval |
| Establish local bank account | Global CFO + Treasury | Bank account open; signatories confirmed |
| Register for local tax | Global CFO | Tax registration certificate |
Gate: Regulatory pathway confirmed (licence in progress or partner agreement executed).
Stage 3: AML/CFT and Compliance Framework Build (Weeks 12–28)¶
Owner: Global Head of Regulatory Affairs + Group Compliance
Inputs: Local regulatory AML/CFT requirements; Group compliance framework
| Action | Responsible | Output |
|---|---|---|
| Prepare country-specific AML/CFT policy addendum | Compliance + Global Head Reg Affairs | Draft policy; Board approval |
| Configure sanctions screening (Eastnets) for new jurisdiction | CISO + Compliance | Country added to screening; country-specific lists loaded |
| Set up transaction monitoring rules for new market | Compliance + CTO | TM rules configured; tested |
| Appoint local Money Laundering Reporting Officer (MLRO) or designate | Compliance + Country Head | MLRO designated; registered with local authority |
| Conduct AML/CFT training for new in-country staff | Compliance | Training completed; records retained |
| Establish local STR reporting relationship (local FIU) | Global Head Reg Affairs | FIU reporting mechanism confirmed |
Gate: AML/CFT framework approved by Board; compliance officer / MLRO in place.
Stage 4: Technology Integration (Weeks 16–32)¶
Owner: CTO (Saqlain Raza)
Inputs: Payment channel partner APIs; local payment rails technical specifications
| Action | Responsible | Output |
|---|---|---|
| Technical scoping of local payment rail integrations | CTO + Pay-Ins / Pay-Outs leads | Integration scope document |
| API integration development - Pay-Ins channels | Pay-Ins team (Pawan Kumar) | Integrated payment channels; unit tested |
| API integration development - Pay-Outs channels | Pay-Outs team (M. Khizer) | Integrated disbursement channels; unit tested |
| SQA test cycle - new country integrations | SQA team (Owais Khalid) | Test report; defects resolved |
| UAT with local partner | CTO + Country Head | UAT sign-off |
| Production deployment and smoke testing | DevOps team (M. Mohsin) | Production go-live confirmation |
| Merchant portal localisation (language, currency) | Portal team (Iqbal Butt) | Portal updated for new market |
Gate: CTO sign-off on technical readiness; SQA test report approved.
Stage 5: Commercial and Operational Readiness (Weeks 20–36)¶
Owner: Country Head (new market)
Inputs: Signed payment partner agreements; merchant pipeline
| Action | Responsible | Output |
|---|---|---|
| Appoint Country Head (new market) | CEO + COO | Country Head in role |
| Build in-country operational team (minimum: ops lead, compliance contact) | Country Head + HR | Team in place |
| Finalise commercial agreements with payment partners | Country Head + CRO | Signed partner agreements |
| Onboard first wave of merchants | CRO + Country Head | Signed MPSAs; technical integrations |
| Establish treasury pre-funding mechanism | Global CFO + Country Head | Float in place; settlement bank account operational |
| Configure settlement and reconciliation processes | Country Head Pakistan + Country Head | Recon process documented and tested |
| Agree operational KPIs and reporting rhythm | Country Head + COO | KPI dashboard live |
Gate: Country Head sign-off on operational readiness; CFO sign-off on treasury readiness.
Stage 6: Go-Live and Post-Launch Review (Weeks 32–52)¶
Owner: Country Head + COO
Inputs: All prior stage outputs; first transaction data
| Action | Responsible | Output |
|---|---|---|
| Supervised go-live - first transactions processed | Country Head + CTO | First transaction confirmed; no critical issues |
| 30-day post-launch review | Country Head + COO + CRO | Operational performance review; issues log; corrective actions |
| Regulatory reporting - first cycle | Country Head + Compliance | First regulatory reports submitted |
| 90-day commercial performance review | CRO + Country Head + CEO | Revenue vs. plan; go/no-go for Phase 2 |
| ELT market update | Country Head + CSNO | ELT briefed; Phase 2 planning initiated if applicable |
Gate: 90-day commercial performance review; ELT decision on Phase 2.
26.6.1 Playbook Timeline Summary¶
| Stage | Duration | Critical Dependencies |
|---|---|---|
| 1. Market Evaluation | Weeks 1–8 | Scorecard; regulatory counsel |
| 2. Regulatory and Legal | Weeks 9–24 | Entity/branch; licence or partner |
| 3. AML/CFT Build | Weeks 12–28 | Policy approval; MLRO appointment |
| 4. Technology Integration | Weeks 16–32 | Partner APIs; SQA sign-off |
| 5. Commercial Readiness | Weeks 20–36 | Country Head; merchant pipeline |
| 6. Go-Live and Review | Weeks 32–52 | Full readiness confirmation |
Minimum time from ELT approval to go-live: approximately 8 months (32 weeks). Markets with a straightforward aggregator model (no own licence required) can compress to 5–6 months where regulatory and partner dependencies are resolved promptly. Markets requiring own licence applications should plan for 12–18 months from ELT approval to go-live.
26.6.2 Playbook RASCI - Summary¶
| Activity | CEO | CSNO | COO | Global Head Reg Affairs | CTO | CFO | Country Head | Compliance |
|---|---|---|---|---|---|---|---|---|
| Scorecard and ELT approval | A | R | C | C | I | C | I | C |
| Entity / licence setup | I | C | A | R | I | C | C | C |
| AML/CFT framework | A | I | C | R | I | I | C | R |
| Technology integration | I | I | C | I | A/R | I | C | I |
| Commercial readiness | I | C | A | I | I | C | R | I |
| Go-live authorisation | A | C | R | C | C | C | R | C |
Key: R = Responsible | A = Accountable | C = Consulted | I = Informed
26.6.3 New Market - Minimum Viable Team¶
The minimum in-country team at go-live is:
| Role | Minimum Requirement |
|---|---|
| Country Head | Appointed; P&L accountable |
| Operations Lead | In-country; settlement and reconciliation |
| Compliance / MLRO Contact | Designated; may be shared with Group compliance initially |
| Legal Counsel | Retained (may be external) |
| Treasury Contact | In-country or regionally managed by Group CFO |
Section 26 forms the strategic expansion framework for the Simpaisa Group as at April 2026. The Market Entry Evaluation Scorecard and New Market Operational Playbook are living documents, subject to revision by the CSNO and COO as the Group's expansion experience accumulates.
Document Control¶
| Field | Detail |
|---|---|
| Document Title | Simpaisa Group Operating Model - Part IX: Country Operating Models (Sections 20–26) |
| Version | 0.1 |
| Date | April 2026 |
| Owner | Chief Digital Officer - Daniel O'Reilly |
| Classification | Confidential - Internal Use Only |
| Review Cycle | Annual, or upon material change to any jurisdiction |
| Next Review | April 2027 |
This document forms Part IX of the Simpaisa Group Operating Model. Cross-references to Sections 8–10 (Core Business Processes), Section 11 (Regulatory Framework and Licensing), Section 12 (Compliance Programme), Section 13 (Enterprise Risk Management), and Sections 27–28 (Policies, Standards and Procedures) should be read in conjunction with this Part.