Remittances - User Journey¶
Source: Simpaisa Operating Model v1.0, April 2026
1. Product Overview¶
Simpaisa's remittance product enables consumers and Money Transfer Operators (MTOs) to send funds from source markets to recipient households across active corridors. Two operating models are in use:
-
Retail white-label / co-branded corridor - Simpaisa provides the full technology and settlement stack under a partner's brand. The end user interacts with a partner-branded application (e.g. TangoPay) while Simpaisa operates the compliance, FX, and pay-out engine behind the scenes.
-
B2B wholesale rail - Simpaisa provides settlement and last-mile delivery infrastructure to licensed MTOs acting as downstream partners. The MTO holds the direct sender relationship; Simpaisa handles disbursement, operator routing, and confirmation.
Corridor Map¶
| Source Market | Destination Market | Send Currency | Receive Currency | Status |
|---|---|---|---|---|
| UAE | Pakistan | AED | PKR | Live |
| UAE | India | AED | INR | Live |
| UAE | Philippines | AED | PHP | Live |
| UAE | Bangladesh | AED | BDT | Live |
| UAE | Nepal | AED | NPR | Live |
| UK | Pakistan | GBP | PKR | Live |
| UK | India | GBP | INR | Live |
| Saudi Arabia | Pakistan | SAR | PKR | Pipeline |
| Canada | Pakistan | CAD | PKR | Pipeline |
2. Transaction Lifecycle¶
Each remittance transaction passes through five sequential stages. The end-to-end SLA target is under 180 seconds for real-time corridors.
-
Initiation - Sender authenticates via the partner app or Simpaisa consumer app. Transaction details (amount, destination, recipient) are captured and a quote is generated with a locked FX rate valid for 60 seconds.
-
Compliance screening - Sender and recipient names are screened against OFAC, UN, EU, and local sanctions lists. AML rules engine evaluates velocity, amount, and behavioural signals. High-risk transactions are flagged for manual review.
-
FX conversion and settlement funding - Simpaisa's treasury pre-funds destination-country accounts on a rolling basis. The FX rate is locked at initiation; settlement risk is borne by Simpaisa.
-
Operator routing and disbursement - The Global Network Function (GNF) engine selects the optimal pay-out operator based on success rate, cost, and speed SLA. Payout is triggered via operator API.
-
Confirmation - Operator confirms credit to recipient. Simpaisa sends real-time push notification to sender. Transaction record is finalised in ledger.
3. Regulatory and Compliance Framework¶
Simpaisa operates under a layered licensing model across source markets:
| Market | Licence Type | Regulator | Licence Holder | Status |
|---|---|---|---|---|
| UAE | Stored Value Facility (SVF) + Money Transfer | CBUAE | Simpaisa FZ LLC | Active |
| UK | Authorised Payment Institution (API) | FCA | Simpaisa UK Ltd | Active |
| Saudi Arabia | Payment Service Provider | SAMA | Simpaisa KSA Co. | Application in progress |
| Canada | Money Services Business (MSB) | FINTRAC | Simpaisa Canada Inc. | Application in progress |
AML/CFT Programme¶
The AML/CFT programme is owned by the Chief Compliance Officer (CCO) and operates across all entities. Key controls include:
-
Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) for high-risk customers
-
Transaction monitoring with rule-based and ML-assisted anomaly detection
-
Sanctions screening at transaction initiation and on scheduled re-screening
-
Suspicious Activity Report (SAR) filing workflows with regulator-specific formatting
-
Annual independent AML audit
4. Technology Architecture¶
Simpaisa's platform is a cloud-native, microservices-based system deployed on AWS. The architecture is designed for high availability (99.9% uptime SLA), horizontal scalability, and regulatory data residency requirements.
Core Platform Components¶
| Component | Function | Owner |
|---|---|---|
| API Gateway | Single entry point for all client and partner API calls; handles auth, rate limiting, and routing | Platform Engineering |
| Transaction Engine | Orchestrates the end-to-end transaction lifecycle; manages state machine transitions | Core Product |
| Global Network Function (GNF) | Operator selection, routing rules, and network expansion engine | Network and Partnerships |
| Compliance Engine | Sanctions screening, AML rules, KYC orchestration | Compliance / Security |
| FX and Treasury Service | Live rate ingestion, rate locking, spread management, treasury position tracking | Finance / Treasury |
| Notification Service | Push, SMS, and email notifications to senders; webhook callbacks to partners | Platform Engineering |
| Data Platform | Event streaming (Kafka), data warehouse (Redshift), BI and analytics layer | Data and Analytics |
| Identity and Access | KYC document verification, biometric checks, and session management | Security |
Infrastructure and Deployment¶
-
Cloud provider: AWS (primary), with multi-region active-passive for UAE and UK
-
Container orchestration: EKS (Kubernetes)
-
CI/CD: GitHub Actions with environment promotion gates (dev - staging - prod)
-
Secrets management: AWS Secrets Manager + HashiCorp Vault
-
Observability: Datadog (APM, logs, dashboards), PagerDuty (alerting)
-
Data residency: UAE transaction data stays in AWS me-south-1 (Bahrain); UK data in eu-west-2 (London)
5. Organisational Structure¶
Simpaisa operates under a Chief Digital Officer (CDO) function that encompasses Product, Technology, Data, and Security. The CDO reports to the Group CEO.
CDO Division¶
| Group | Lead | Headcount | Key Responsibilities |
|---|---|---|---|
| Product | VP Product | 8 | Roadmap, discovery, partner product requirements |
| Engineering | VP Engineering | 32 | Platform delivery, reliability, API integrations |
| Data and Analytics | Head of Data | 6 | Data warehouse, BI, ML models, reporting |
| Security | CISO | 5 | AppSec, cloud security, identity, compliance tooling |
| Production Operations | Head of Ops | 7 | Incident management, SRE, on-call, runbooks |
6. Partner Integration Model¶
Partners (white-label operators and B2B MTOs) integrate via Simpaisa's REST API suite. Integration is managed by the Partnerships team with technical support from Platform Engineering.
Integration Tiers¶
| Tier | Description | API Coverage | Typical Time to Live |
|---|---|---|---|
| Tier 1 - Full Stack | White-label with branded app, full KYC, and FX | Full (KYC + TX + FX + Webhooks) | 8-12 weeks |
| Tier 2 - Settlement Only | MTO uses own front-end and KYC; Simpaisa handles settlement | TX + FX + Webhooks | 3-5 weeks |
| Tier 3 - Disbursement Rail | MTO pushes pre-approved transactions; Simpaisa disburses only | TX + Webhooks | 1-2 weeks |
7. Key Performance Indicators¶
| KPI | Definition | Current (Q1 2026) | Target (FY2026) |
|---|---|---|---|
| Transaction Success Rate | % of initiated transactions that reach Confirmed state | 94.2% | 97% |
| End-to-End Latency | Median time from initiation to confirmation | 142 seconds | Under 120 seconds |
| Platform Availability | Monthly uptime of core transaction path | 99.91% | 99.9% |
| Compliance Screening Time | P95 time for automated sanctions + AML pass | 3.1 seconds | Under 5 seconds |
| Partner API Uptime | Availability of partner-facing API endpoints | 99.97% | 99.95% |
| Sender NPS | Net Promoter Score from post-transaction survey | 61 | 70 |
| Monthly Active Senders | Unique senders with at least one completed transaction in the month | 48,200 | 120,000 |
| Total Payment Volume (TPV) | Gross value of transactions processed | USD 23M / month | USD 80M / month |
8. Risk Register (Operational)¶
| Risk | Category | Likelihood | Impact | Mitigation |
|---|---|---|---|---|
| Operator outage causing failed pay-outs | Operational | Medium | High | GNF automatic failover to backup operator; P1 incident SLA 15 minutes |
| Regulatory licence suspension | Regulatory | Low | Critical | Proactive regulator engagement; monthly compliance reviews; legal retainer in each market |
| FX treasury loss from rate movement | Financial | Medium | High | 60-second rate lock window; hedging programme for high-volume corridors |
| Data breach / cyber incident | Security | Low | Critical | SOC 2 Type II programme; annual pen test; 24/7 SIEM monitoring; IR retainer |
| Key person dependency (engineering) | People | Medium | Medium | Documentation standards, cross-training programme, succession planning |
9. SDLC and Delivery Model¶
Engineering operates a two-week sprint cycle using Scrum. Product discovery, design, and backlog refinement run one sprint ahead of development.
Delivery Gates¶
| Gate | Description | Owner |
|---|---|---|
| G1 - Discovery Sign-off | Problem validated, user research complete, business case approved | VP Product |
| G2 - Design Review | UX designs approved; accessibility checked | Product + Design |
| G3 - Architecture Review | Technical design approved; security review passed | VP Engineering + CISO |
| G4 - QA Sign-off | Functional and regression tests passed; performance benchmarks met | QA Lead |
| G5 - Release Approval | Change advisory board sign-off; rollback plan confirmed | VP Engineering |
10. Document Control¶
| Field | Value |
|---|---|
| Document title | Simpaisa Operating Model v1.0 |
| Version | 1.0 |
| Status | Draft - For Review |
| Owner | Chief Digital Officer |
| Created | April 2026 |
| Next review | July 2026 |