Compliance

Last updated: March 1, 2026

Overview

Core Issuance is built to meet the rigorous compliance requirements of the financial services industry. We maintain certifications and adhere to regulations that enable our clients to launch card programs with confidence.

PCI DSS Level 1

We are certified as a PCI DSS Level 1 Service Provider, the highest level of certification in the Payment Card Industry Data Security Standard. This certification covers all aspects of our card issuing infrastructure, including data storage, processing, and transmission of cardholder data.

SOC 2 Type II

Our SOC 2 Type II report, issued by an independent auditing firm, verifies that our controls for security, availability, processing integrity, confidentiality, and privacy are designed and operating effectively over a sustained period.

Anti-Money Laundering (AML)

We maintain a comprehensive AML compliance program that includes:

  • Transaction monitoring with configurable rules and thresholds
  • Suspicious activity detection and reporting (SARs)
  • Sanctions screening against OFAC and international sanctions lists
  • Ongoing customer due diligence and risk assessment

Know Your Customer (KYC) & Know Your Business (KYB)

Our platform supports robust identity verification workflows:

  • Identity document verification and biometric checks
  • Business entity verification and beneficial ownership identification
  • Politically exposed person (PEP) screening
  • Ongoing monitoring and periodic re-verification

Data Privacy Regulations

We support compliance with major data privacy frameworks including:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA/CPRA)
  • Gramm-Leach-Bliley Act (GLBA)
  • State-level privacy laws across the United States

Card Network Rules

Our platform is designed to comply with the operating regulations of major card networks, including Visa and Mastercard. We help clients navigate network requirements for card program registration, BIN sponsorship, dispute management, and reporting.

Shared Responsibility

While Core Issuance provides a compliant infrastructure foundation, our clients share responsibility for compliance within their applications. We provide documentation, tools, and support to help you meet your regulatory obligations.

Questions

For compliance-related inquiries or to request copies of our certifications and audit reports, please contact compliance@coreissuance.com.