Regulatory compliance is not typically associated with innovation, growth, and competitive advantage. Most companies — including SaaS platforms — tend to see compliance less as a business opportunity than as an obligation to meet at the lowest possible cost of time and money.

Forward-thinking platforms, however, are rethinking their approach. Increasingly, they view compliance as a strategic opportunity rather than a check-the-box exercise. Platforms already understand that embedding payments and financial products like loans and cards can bolster revenue by delivering more value to customers.

But here’s the challenge: Payments and financial products are heavily regulated, demanding sophisticated, continuously evolving capabilities to stay compliant. What strategy should platforms adopt to ensure embedded finance compliance across the myriad global markets where they operate? Is the control that comes with securing financial licenses worth the resources required? Or is it better to work with a trusted partner?

These questions — including how platforms can transform compliance into a meaningful competitive advantage — were the focus of a recent episode of Adyen Presents: Embedded Finance, a podcast series examining the strategies SaaS platforms are pursuing to maximize the value of embedded payments and financial products. 

The episode, Keeping Compliant with ModMed & Mariëtte Swart, featured insights from Mariëtte Swart, Adyen’s chief risk & compliance officer, and Ash Forsyth, general manager at Modernizing Medicine (ModMed). ModMed operates in the highly regulated U.S. healthcare industry and provides electronic health record (EHR) and practice management software to thousands of healthcare practices nationwide. 

A Big Bet on Licenses

About a decade ago, Adyen made the decision to secure its own payments and banking licenses in multiple jurisdictions. At the time, many industry observers were surprised by the move, Swart said, believing that taking full regulatory responsibility for its platform customers would overwhelm and distract the company.

Swart disagreed. 

“We made the very conscious decision to build everything on our own regulatory licenses,” she said. “That’s probably very different from many other fintechs. But it means we can serve customers globally with one infrastructure.”

Over time, the wisdom of that choice became clearer. Platforms that initially sought their own licenses quickly discovered just how heavy the compliance burden is. Regulatory rules differ from one market to the next, often requiring companies to build entire departments just to keep pace.

“It’s a really heavy load to carry,” Swart explained. “What we see now is that most of our platform customers ultimately make the decision to work with a financial institution that has a regulatory license. That still allows them to monetize payments, but another institution carries the load. The regulatory and operational overhead is not theirs to carry.”

By working with Adyen, platforms avoid taking on direct regulatory liability for requirements like anti–money laundering checks and fraud monitoring, since these fall under Adyen’s licenses. Adyen carries the bulk of the operational and regulatory overhead, enabling platforms to focus on their core value.

ModMed’s Compliance Challenge

Few industries pose greater compliance complexity than U.S. healthcare. ModMed’s EHR and practice management software must meet HIPAA (Health Insurance Portability and Accountability Act) privacy standards, DEA (Drug Enforcement Agency) credentialing for controlled substances, Medicare reporting requirements, and an array of state-level regulations.

Adding payments only heightens that complexity. 

“We have a dedicated compliance team focused on our annual certifications with the U.S. government,” Forsyth said. “But when you add payments into the picture, it’s a whole new structure that practices aren’t used to talking to their EHR provider about.”

Nevertheless, the customer benefits were compelling enough for ModMed to launch ModMed Pay in 2020. Forsyth credits Adyen with making that move possible. 

“They handle a huge portion of the regulatory oversight and guide us through the steps so we can focus on delivering value to practices,” he said.

By offloading the payments compliance burden, ModMed has been able to concentrate on its core value: helping practices deliver care. That value has only grown as practices adopt ModMed Pay. Today, most of ModMed’s clients use the service, which includes a text-to-pay feature that lets patients settle bills instantly via mobile. 

“If ModMed Pay is being successful for the practice, accounts receivable and payment times will be improving,” Forsyth said. “We’re focused on giving practices tools to streamline collections and meet patients where they are.”

Compliance as Differentiator

The lesson from both Adyen and ModMed is clear: Compliance is not just a cost center. Managed strategically, it becomes a differentiator. Platforms that embed compliance into their operations can move faster, expand globally, and win customer trust. “If you do this really well, then it can truly be a differentiator,” Swart said. Forsyth agreed, noting that while compliance often runs behind the scenes, its benefits are visible in customer adoption and satisfaction.

The embedded finance wave shows no signs of slowing down. Regulation will continue to evolve, with new standards continuously unveiled to address emerging threats. Platforms that wait to implement robust regulatory compliance tools are more exposed to a growing menu of risks. 

But those who invest now and work with trusted partners won’t just avoid fines and other regulatory pitfalls. They’ll be positioned to win trust from customers and to transform compliance into a long-term competitive advantage.