#41 – RegTalks with Gary Mushrow, Orbital

Transcript

Claus: Welcome to Reg Talks, the podcast dedicated to the latest trends for the world of regtech, fintech, and financial regulations. My name is Claus Christensen, and I’m the CEO and Co-Founder of award-winning RegTech Know Your Customer Limited. Today, it’s my great pleasure to welcome Gary Mushrow, Head of Compliance Product at Orbital as my guest. Gary is a seasoned product leader with a focus on compliance and risk in fintech.

Claus: With over fifteen years of experience across banks, scale-ups, and higher growth fintechs, Gary has led compliance product strategy at companies like Payoneer, CurrencyFair, and now Orbital, where he heads product compliance. His work spans everything from AML and sanctions screening with a sharp understanding of global financial regulations.

Claus: Gary holds an MSc in finance, a diploma in GRC, and is a certified member of the International Compliance Association. Thanks for joining, Gary.

Gary: Thank you, Claus. It was quite the introduction. Thank you.

Claus: Pleasure to have you. Let’s dive right in. To begin with, can you please share a bit about your journey in compliance and how it led you to your current role at Orbital? What inspired you to join the digital asset space, and what challenges have you encountered along the way?

Gary: Thank you. Yeah. I think technology and its implementation in finance has always been something that has gripped me. The financial crime side of the business is something that didn’t take long for me to get involved in looking at how we prevent and work against that.

Gary: Starting by, obviously, seeing some of those controls and systems in action early in my career at Santander, and really getting the chance to jump into that area once I joined my first sort of FinTech startup. You get a lot of exposure to different areas of the business, and that was something that I was drawn towards.

Gary: And that’s been a part of my career to date. It’s probably where I excel best, just understanding where we’ve got a particular framework, a compliance framework that we need to implement, and how technology can supplement that and act effectively.

Claus: Yeah. I can absolutely relate to that. At the beginning, when I started in compliance, my background is technical; I have a degree in computer science. But once I got into it, it really captured my imagination. What can we do from our end to help this area, which is really important? Financial stability and all the possibilities of global finance are exciting. I see that mirrored a bit here. Can you tell me a bit more about Orbital? Because before we worked with Orbital, we didn’t know that much. What does the latest venture that you got involved with actually do? How do you differentiate it in this very interesting market?

Gary: Yeah. So Orbital, we’re a global payments platform. We’ve been around for about eight years now, orchestrating different payments flows. We pride ourselves on being a secure and seamless stablecoin option, also utilizing the power of traditional currencies to help our customers globally. We’ve got quite a footprint now after eight years. We’re authorized by the FCA in the UK and in Gibraltar as an EMI and a DLT. And, yeah, we’re looking at further expansion shortly.

Claus: All in one platform sounds really intriguing.

Claus: Mhmm. If you think about that and multiple licenses as well, that must be a huge feature set you have there. Can you go a little deeper on that? Why should anybody choose the Orbital platform?

Gary: Yeah. It’s what it says on the tin in terms of we’ve got that all-in-one platform. We’ve been listening to our customers over that journey of eight years and saying, okay, what are the problems that they’re particularly trying to solve?

Gary: One thing we hear from our customers consistently is the accessibility and availability of things like virtual IBANs. And having that mix of virtual IBANs, stablecoin wallets, and the ability to pay in and pay out for them and their customers across both traditional currencies and different stablecoins interchangeably, and a lot of exotic currencies that we currently support. I think the number is up to around eighty, if I’m not mistaken.

Gary: So having that as the platform where a customer can log in and we can offer those services to them all in one place, that’s our real strength, and that’s what our customers are benefiting from at the moment. Particularly when they’re trying to move funds cross-border, stablecoin is a key facet, a key part of that formula, which is helping us reduce fees for our customers and provide them with the ability to offer a 365. So they do not have to operate and monitor the normal fee of banking schedule, and that’s a real benefit to finance teams, as we know from our customer feedback.

Gary: And it’s something we’re going to keep driving from strength to strength.

Claus: Just to be sure I get this right, this sounds quite amazing. So first of all, you’re licensed in multiple jurisdictions. You bridge both the stablecoin crypto and the traditional IBAN rails, and you have that in multiple jurisdictions and twenty-four-seven full availability.

Gary: Exactly. What we’re trying to address is what we’re hearing from our customers, particularly those in emerging markets. We’re listening to what they’re struggling with and how our digital assets are actually helping them overcome those challenges.

Gary: Like, for instance, a big one we hear quite often from our customers is that they’re facing difficulties using the SWIFT system for settlements. And when we start to talk to customers about the usage of stablecoins in this space as an alternative, that’s when we’re getting real traction. We also have a lot of customers or their particular customers with no or limited access to USD banking and the ability to move USD around the world. And that’s where stablecoins like USDT and USDC come into their own.

Gary: It also offers real benefits to DAOs. Through the traditional payment rail system that we have, which has been around for quite a few years, there are so many different intermediaries that slow the whole process down. That’s why something like our platform comes into its own because stablecoins are borderless, and it means that we get fewer holdups for our customers, particularly on things like misalignments or time zones.

Gary: We give our customers a lot of visibility on their transactions on our platform. So it’s less opaque for them, and we make it clear what they’re paying for their transactions, their fees, and how long these transactions will settle for. I think it’s almost sort of breaking barriers for customers in emerging markets without access to those traditional banking rails. Giving them that near-instant twenty-four-seven settlement is turning payments that they want executed into minutes rather than days. That’s the feedback we’re hearing from our customers, and that’s the use case we’ve tried to tackle.

Claus: I absolutely understand that, and I can see how, especially in emerging markets, that would be a big feature. But honestly, even the first world can improve a lot. Most of our clients are larger financial institutions. They obviously pay through the standard rails, and we live with all these delays and limited visibility. My CFO would be glad if one of the big banks would send the payments through your platform because then we would have visibility, and it would be twenty-four-seven or overnight, not just in chunks during the day. I absolutely agree; it’s a huge feature.

Gary: Yeah. Being able to offer that on and off-ramping to our customers is something that brings you pride when you’re seeing the use cases come into action off the paper. Some of the introductory meetings we have with our customers and their finance teams are actually bringing to life and seeing it after those initial consultations and meetings, and seeing those teams take advantage of the product we have to offer. It’s satisfying to talk about, but it’s also satisfying to see in action.

Claus: That’s part of the startup journey that we both have. It’s just this unique satisfaction of working on something that moves the world, where you can actually see it working after a while. It’s fascinating. I don’t think it’s easy to go back to a standard nine-to-five after that.

Gary: And I mean, there are not many platforms that offer what we do in terms of being that all-in-one platform where our customers can log in and access those services like virtual IBANs and on and off-ramp into stablecoin or traditional currencies, doing that in real-time. It doesn’t matter that you have to log on to the platform at eleven o’clock at night. The idea that these things can still be done is something traditional finance teams just haven’t had the ability to do. There’s always been a time gap. There’s always been an opportunity to reduce those times, particularly in payments, and that’s why stablecoins and providers like us fill in that gap. There’s no need for people to wait around for their money anymore.

Claus: That’s right. I flinched a little when you mentioned multiple licenses. That must have been a good bit of work. Could you explain the significance of holding licenses across different jurisdictions? Why go to this extent?

Gary: So from a customer’s perspective, we’re seeing that a multi-licensing model is really useful. We’re seeing that we can offer different products across different licenses. We also offer customers redundancy as well. If there is a particular issue or downtime with our service with one particular entity in their license, holding that multi-licensing model means that our service has that redundancy.

Gary: It also means that we can service different customers in different locations. That’s why we are building out that licensing model. We obviously have different types of licenses. As I mentioned earlier, we’re regulated in the UK as a payments service provider. In Gibraltar, we have a e-money institution license, and then we’re a VASP as well, a virtual asset service provider in Gibraltar, as well as one in Estonia. We have authorization in Switzerland as well, and a few BQFSRO members in Switzerland.

Gary: What that allows us to do is service customers in different jurisdictions and offer them different services. It really is to the customer’s benefit that we have these licenses because it offers redundancy in these places. It also opens up possibilities for new products and quicker payment flows. Yeah, it is the way forward, I think.

Claus: You mentioned you have a VASP license, so you’re also under the FODF virtual asset regulation or recommendations transposed into regulations everywhere. Even listeners with not so much of a crypto background will have heard of the FATF travel rule. What do you think about that? How does it apply in your space where you cross over?

Gary: Yeah. It’s been a big piece for us, particularly for our customers and in the education side of it, as well as the implementation of the changes we’ve had to make. Because we are licensed in the EU, we do have to abide by travel rule regulation. When we break down the travel rule, it’s quite clear to people, and they are aware of what it is and that it has been around essentially in a context for traditional fee payments.

Gary: Even in fee payments, our banks do send information about the payment to their counterparties. So banks know where a payment is originated. They know who the beneficiary of that payment is, and it helps them with their AML processes, such as transaction monitoring. What that is doing is bringing that into the digital asset world, particularly around B2B payments and B2B2C payments.

Gary: Under our different licenses, we have different obligations for the travel rule. Essentially, what we’re doing with our customers is taking them on a journey and saying, okay, this is particularly in the EU, this is more than you probably provided before when we were complying with something like the Estonian travel rule requirements, moving up into the EU travel rule requirements, which are being published.

Gary: It’s the education piece about explaining why we’re capturing that from the customer, helping them with that integration piece, where they’re providing us with more data and explaining why or how we’re going to use that data. With the travel rule, you’ve got different levels of requirements from each of the regulators where we’re licensed.

Gary: It could be that there is regulatory divergence between two licenses. So when we have customers on particular licenses, we are helping them with that integration. It’s also useful data on our side, of course, the primary reason of preventing financial crime and using that in our wider AML framework.

Gary: So, yeah, the travel rule is not something new to all of us who’ve obviously been operating in payments. It’s been a long-time thing for fiat payments, banks communicating with each other. But this is us saying as virtual asset service providers in the digital asset world, okay, we are going to send each other this information as mandated by our regulators, and we’re going to understand who the originators and beneficiaries are of our payments.

Claus: Yeah. It does make sense. In the end, you’ll exclude some elements who would rather stay underground and not be visible, but you win the huge area of legit payments where all those benefits we discussed earlier are really, really helpful. It’s such a bigger experience and a bigger area. In regulations, there’s another big thing that’s MICA or MiCA. How do you say it actually? How are you preparing for the potential impact of that on operations and clients? Kind of a similar story?

Gary: Yeah. It’s been of a similar scale to our travel rule project internally, something we’re taking super seriously. You’d see from the side of the teams that are working on it and how multi-department it is. If you are truly embedding something like the travel rule or even, you know, MiCA more generally, it is a whole company endeavor. It’s not something which is done in isolation within a couple of departments.

Gary: Particularly with MiCA, we’ve been looking at aligning all of our operational policies and requirements and making sure that they all are compliant with MiCA and things like capital adequacy and risk disclosures.

Gary: I think the real impact we’re looking at with MiCA is how it will probably segment the market in the stablecoin space. The divergence between those stablecoins which are regulated under MiCA that can be used within the European Economic Area and those digital assets which are noncompliant and will face some sort of usage restriction.

Gary: So we’re actively working as a company to look at our digital asset base, look at our customers, look at our licensing, and actively ensuring we’re working for full compliance on our platform and ensuring that when we keep compliant, that’s something that’s really important to the business.

Gary: If you think about it from our customer’s perspective, it brings them a lot of clarity. It allows them to scale their operations knowing that they’re with a provider who is operating within a regulated framework. So it is a lot of work for us, but it’s something our customers can be confident with, and that is the intention and spirit of it. Yeah, so it’s been taken quite seriously.

Claus: I believe that. And what I’m hearing there is that you and your position create tremendous business value with your specific decisions that open these markets and segment them in the right way, allowing the whole company to move forward. Amazing. Really big part.

Claus: That’s what I meant in the beginning. It’s so interesting what compliance actually means to businesses and how it interacts with the rest. It’s much more fascinating than you’d think if you come from a different area into it. Oh, this is just a checkbox now. This is where the real decisions are made.

Gary: Yeah. I think the real strength is Orbital, and back to our multi-licensing model. Things like our security certifications, that’s a big thing. You know, if we talk about more general compliance, we take it really seriously. If you take a look at our website and see the core things we’ve invested in for our platform, like ISO 27001 for our customers, SOC 2 Type II, cyber essentials plus.

Gary: These are all things that, along with travel rule and compliance, show our customers that we’re taking compliance seriously. It’s a big part of the culture of our company and a big part of the products that we develop for them. They need to feel safe in that when their money is within our platform that it’s protected.

Gary: Particularly with travel, though, we’re seeing if you just read on the market, you’ll see pages like LinkedIn, you read forums, you’re seeing a lot of VASPs pop up in overseas territories where there’s not much regulation around them and there’s not much stability or even, in fact, any sort of licensing framework or very light licensing framework around these VASPs.

Gary: That’s something we say to customers: we will at Orbital always help in terms of regulatory change, any changes that we need to make and you need to make to be compliant. Because, I mean, we’re trying to do things safely here, and it is worth coming on that journey with us. We’ll make it as frictionless as possible for you and, you know, if they have customers as well, our customers.

Gary: So, yeah, it’s a big part of our culture. It’s a big part of our message, and it’s a big part of our branding that we are one of the most compliant providers out there.

Claus: Yeah. But you also built a very innovative and really impressive platform there in tech. What innovations would you say are you most excited about that could shape how the future of compliance looks in the digital asset ecosystem?

Gary: I think it’s looking at the adoption of stablecoins. It’s not a case of trying to prove out that use case to people anymore. We’ve got perfect examples of how stablecoins and that blend of fiat on our platform are actually alive now, providing real-world use cases for customers.

Gary: I think to an extent that the period of experimentation for stablecoin usage still exists a little bit, but it’s becoming less and less because companies are actually clear on the advantages that stablecoins provide. So the innovation is more about the adoption, bringing it in this manageable, secure, and compliant form into the market. And that in itself is a huge jump.

Claus: I absolutely see that. So where do you think, if you think about the bigger ecosystem or the bigger picture here, we are on the adoption curve? If you look at other companies, obviously, you’re more at the cutting edge, but you will see a lot more companies out there not using this. Where are we? Are we in the first quarter, or are we in the third quarter of adoption? There’s a lot happening.

Gary: In terms of adoption, I’d say we’re at the end of the tail, working our way up that long tail. If you look at fiat use for cross-border payments now, it’s still huge compared to that of stablecoins. We see that increasing incrementally quarter by quarter. That’s going up. But I think we’re just at the start of the journey of our own use cases that can be displayed by our platform.

Gary: We’re seeing stablecoins locking a level of capital efficiency that simply isn’t possible with legacy fiat rails. We’re seeing companies, even on our platform, moving from end-of-day batch settlements to real-time treasury sweeps across jurisdictions. And that’s all being powered by stablecoins.

Gary: I think a big thing we’ll see in the coming years is more and more finance teams looking to integrate stablecoins into existing ERP systems and treasury management platforms. We’ll see that accelerating.

Claus: Yeah. Before we discuss this podcast, I did hear that you are now working with multinational companies already. So that’s one bit where you could say the adoption is progressing there, right?

Claus: Yeah. For us, with our technology, it’s always a measure when we get into market leaders in their regions. But it’s even more interesting or significant for us and the investors in our company that we actually made it into multinational entities. In our case, it’s banks, but nonetheless, if you go across a specific region and go larger, that’s always a big step. And you’ve done the same, right?

Gary: Yeah. But see, in sort of a structural shift, lots of the big enterprises that you see worldwide have probably watched in the last couple of years with a sense of curiosity around stablecoin use. They’ve watched how it’s played out, but you can see the massive growth, the massive drive establishments like JPMorgan are taking in the stablecoin and digital asset space and how they’re using them for settlement.

Gary: I think just growing frustrations with traditional correspondent banking systems, particularly around settlement delays and cut-off times and fees that people can’t explain, why they’re paying such a high fee to move money from one point to another. As the stablecoin ecosystem has matured, we’re seeing this on our platform as well. We’re seeing big enterprises actually coming to use the platform and moving beyond being crypto onshore and naive to being crypto native, thinking about tools like our platform for serious real-world scenarios for their business.

Gary: Over the last eight years, we’ve seen the client base shift entirely from smaller firms towards larger and larger firms looking for stablecoin adoption and having the ability to work on multi-asset treasury management of currencies on our platform.

Claus: That is something—multi-asset treasury management. I have one question that I ask everybody in this podcast, and that is considering you’re in different regulations, you will have something to say about it. If you were to switch roles and tomorrow woke up to become the global regulator, what would you do?

Gary: I mean, a global regulator is quite a thing. What we’re seeing a lot in the real world right now is what you probably describe as regulatory arbitrage between different regulatory providers outside the EU and in different places around the world. I think I’d prioritize regulatory clarity because there are areas in the regulation where it is emerging and being written month by month.

Gary: The point in time where stablecoins used for retail speculation has sort of ended, and it’s fundamentally different from those used for B2B payments or wholesale settlement. I’d look at something like the travel rule, where we’re seeing different virtual asset service providers pop up in different countries.

Gary: We’re speaking to our clients, getting feedback, and understanding the pain points for them in providing some of that data. If I were a global regulatory body, I’d standardize that across all different territories so that there wasn’t a chance for arbitrage for a virtual asset service provider that popped up in a particular territory and said something like the travel rule didn’t apply. That would bring a lot of clarity to the industry about how it’s going to be implemented and how it’s going to work, which is always good for customers, right?

Gary: I think there’s something that will come with time, which is as the regulatory frameworks mature around crypto assets, we’ll all become clearer on the direction in which certain regulators are going. We have to be careful that we don’t stifle innovation with overregulation in this space because it’s remarkable how far it’s come in a few short years.

Gary: It’s going to be under increased pressure because the expectation is that the regulatory requirements on something like fiat payment rails are mirrored across the digital asset space. But it’s really key that the level of innovation is kept high, the regulation is manageable and understandable, and it’s clear why particular regulations are being put in place or implemented. That gives creators and companies like ours the ability to think outside the box, considering what sort of services and products will be used by our customers.

Gary: Yeah, that’s where I go with that.

Claus: It’s always a difficult balance, and I don’t agree that this balance was always right in the past between regulation and innovation. From a tech perspective, I will always say, well, regulation can be strong if there is technology that helps mitigate the effects.

Claus: Actually, another thought came to my mind there, and you had me worried. When we started the podcast a few years ago, that last question was just a little add-on. We thought, oh, yeah, that’s a good one to ask everybody because the idea was generally that there would be regulation that would come together over time in the world. I think that narrative due to recent events is somewhat gone. There’s not that certainty anymore that we had a few years ago. But in the end, there will be a global regulation that kind of unifies everything.

Claus: Doesn’t seem to be that likely at the moment.

Gary: No. I agree. And it’s only something I said because you made me the global head of regulation for the digital asset space.

Claus: Well, I’m sorry, Gary. These are the rules, and I make them. It’s my podcast.

Claus: But you got me thinking there.

Gary: Yeah. I think, look. If we stand back and say, okay, we’ve got a whole host of different regulators worldwide who are looking at the digital asset space and how stablecoins are utilized and the real-world use cases in which they’ve been administered by companies. Reducing any sort of jurisdictional fragmentation around regulation would help because, I mean, regulatory arbitrage doesn’t help anybody. It doesn’t benefit anyone long term. Short term, it could, but long term, it doesn’t really help. It adds compliance costs on some multi-license and multi-jurisdictional businesses. I think a more tiered approach of frameworks would help.

It would help segregate systematic risk from enterprise utility.

Claus: Yeah.

Claus: Well, with that, Gary, this has been fascinating. I have a completely new appreciation of the role of compliance in driving, especially, this asset space. Absolutely amazing. Thank you for this podcast. Thank you for coming on.

Gary: Thank you very much, Claus.

Claus: Thank you for listening to this episode of RegTalks. My name is Claus Christensen, and I’m the CEO and co-founder of the award-winning regtech provider Know Your Customer.

If you liked this episode, please subscribe to the series and leave us a review.

If you’d like to connect with us, suggest a guest or a topic for an upcoming episode, please send us a message at info@knowyourcustomer.com or visit knowyourcustomer.com/regtalks.

Important: The views and information shared here are for general informational purposes only and do not constitute financial, investment, legal, or other professional advice. Authors do not guarantee the accuracy or completeness of the content. Products and services mentioned may not be available in all jurisdictions and are subject to applicable regulations. Listeners and readers should conduct their own due diligence and consult with a qualified advisor before making any financial decisions.

About Orbital group: