I can some what sympathize with part of what it sounds like here getting crushed by people committing credit card fraud. I had a small little company online in the early day's of the interweb's online payments. We had a very niche retail site, and for a few months we were increasing sales month-to-month. We'd get sales, the merchant company would approve them, and we'd ship out the product. Right up until the point where we got hit with enough fraudulent sales in what had to have been a coordinated effort that it killed us. The card numbers used were stolen, and we got hit with a massive amount of charge backs. Except, now we're out the inventory and no money to restock. It was the end of the retail side of us. To this day, I still have some sort of PTSD from that experience. I have a new site being worked on integrating with a popular modern card processing company. I am terrified to let the site go live and get hit with fraudulent charges again. I am on the fence of not even allowing for sales through the website.

> Our product was not in any sort of legal gray area (e.g. crypto) and fit within the bounds of existing law. From the day we started until the day we shut down, we’d spend millions of dollars to build a best-in-class compliance program to sit alongside our offering.

I worked in AML for a short time, and this:

> There were myriad buckets of n users who loved having a financial account designed just for them. A few examples from our own data: coparents, houses, art collectives, extended families who get along, teams, people who share livestock, churches, punk bands, weekend hustles, extended families who don’t get along, wiccans, and our team’s personal favorite, firehouses.

sounds like a compliance nightmare. Who is the beneficial owner of the wiccans collective bank account? What happens when one of the punk band member turns out to be an Iranian national? If three art collective members all deposit 5000 in one day, is that "smurfing" (splitting transactions so that they are under reportable thresholds)?

I think there is a good argument to be made that our current regulatory regime is bad, I'm not defending it. In this current regulatory environment though, "business style accounts but for informal small groups of individuals" cannot possibly make sense as a product. Their sponsor bank obviously didn't care when they were pulling minuscule numbers (10mm in monthly volume on a business account is really not very much to most banks.) Once Compliance finally decides to look at that Braid account, I'm sure it makes perfect business sense to offboard it for risk reasons. I'm shocked they didn't realize this.

ETA: If you are going to build a Fintech, please go listen to The Dark Money Files podcast first,

https://www.thedarkmoneyfiles.com/

Maybe hire them to tell you if your product makes sense. You can't "move fast, break things" with FINRA, it's NOT easier to ask for forgiveness from OFAC, etc.

> Every dollar a startup can raise is a gift. For a time I lost sight of this, and I won’t make that mistake again.

This seems like too general of advice. If you are profitable without raising, that in itself is a gift. Why take on debt if you don't need to? This might apply to fast-growth ventures that need to outpace competition to have a chance at existing, but not every company is structured like this or is in a market that requires this.

> A regulatory rug pull can and will outstrip any early traction or compliance gold stars that you think might save you.

Interestingly, this reminds me of all the apps built off Facebook's APIs in the early days. They would regularly remove one feature that was catastrophic. It's difficult to base your existence on some whale's whims, but in some ways often inevtiable too.

> A critical third-party informed us that they’d changed their mind on a key technical decision.

I'm so curious who. I got sick of dealing with Plaid's ceaseless API changes and ended up writing my own scraper for Wells Fargo transactions. I doubt they were using Plaid though XD.

Overall a really interesting writeup and I'm thankful to the author for sharing.

That was such a well written, introspective, and vulnerable story. I've had several opportunities to experience similar rides with very similar endings, and know how gut wrenching failure feels. And how it's often just a failure, with nothing learned. With writing like this, though, the rest of us get to learn.

> Initially, we thought leveraging third-party software would help us move faster and focus on our core offering.

> What we found, instead, was every additional partner had the potential to break big, important parts of our stack.

Sounds like a, literally, very expensive lesson to learn

And the other side of this is also worrying, I wouldn't put it past Braid being one of the biggest customers of this 3rd party, (unless it's a big one like AWS) and then you shoot yourself in the foot with a non-planned deprecation making your customers migrate.

> every additional partner had the potential to break big, important parts of our stack ... > our distaste for contractual and technical lock-in grew dramatically

I learned this through osmosis at one financial-adjacent company I worked for. Every senior technical manager was extremely hostile to any third-party integration. I personally saw several product driven initiatives completely dropped because it would require even the slightest lock-in.

When I see posts on HN or Reddit where the startup mentions a tech-stack built entirely on third-party services, I cringe. That is one of my main frustrations with the current AI wave - where most businesses are only viable with a quality of AI that is available only through third-parties. I believe in 3-5 years we'll be reading a lot of blog posts just like this one telling the same story about how their AI startup was forced to fold due to some locked-in provider changing policies.

I thought I was going to read about the Braid (masterpiece) video game.

I appreciate stories like this, they are the memento mori of startups.

One of the critical observations here for me is: whatever your primary product / value proposition is, make sure to build that out internally yourself, and not buy it from a 3rd party. According to the author, Braid repeatedly bought third party fintech products as core pieces of their platform rather than building it. This simply makes you a hostage to those companies.

I also echo some other top comments here - payments and banking is very highly regulated, and for good reason. The base concept seems extremely ripe for fraud.

> Myth: Your Early Adopters Are Your Best Customers

These folks suffered an extreme case of Early Adopters being unlike the majority, but anyone who gets this advice should read Crossing the Chasm (one of the 2 or 3 non-worthless business books, even if it's really only a single drawing).

Basically: consider the bell curve of a product's life span: First early adopters, then the early majority (your volume customers once you really have PMF), then on the other side of the midpoint: late majority and then the laggards).

The think is your early traction is on early adopters: people with special needs (not usually fraudsters :-), who find your product so valuable that they can put up with its bugs and lack of features to get value out of it, or just people who like the latest thing.

The features the early adoptors want not only are rarely what the majorities want, they could work against what the majorities want. The gap between the early adopters and the majority is a "chasm" -- huge, hard to get across and, as with Braid, often something a company falls into and dies.

I wanna know who the critical third party was, and also why the regulators said "Yeah but nah"

Have you ever gotten your coins stolen from your wallet or invested in an ICO that turned out to be a scam, you are not alone because this happened to me too. I initially lost $90,000 in just 3 months from Cryptoallday, I contacted the authorities and they refereed me to a bitcoin recovery agent who helped me recover all my funds within less than 2 days… I’m speaking out to improve our awareness of these cryptocurrency thieves and help you if you have been a victim yourself. Simply email: CRYPTORECOVERYHACKER @ GMAIL COM

What an unfortunate story, trying to do most stuff right and caring about what you're doing, yet failing due to a lot of things mostly outside of your control. I'd feel justifiably wronged by the bank and the vendors of the third party tech.

Oh no, I was hoping this was about a Braid remake, like Time Travel Understander!

https://www.youtube.com/watch?v=1fABGyVzVwI

https://en.wikipedia.org/wiki/Braid_(video_game)

Well written, I guess the key takeaway for me was to be a little wary about being dependent on building businesses on partnerships, there are few .. I have personally seen some business teams in incumbent partners using small startups for their pumping their own metrics and once their motto is over they can pull the plug.

It's like Venmo meets a corporate card program.

It's amazing anyone ever thought there was a fintech sector when it only seems to have about two useful companies (Stripe and Betterment).

I am hopeful for the future of this findom app

When I saw the title, I thought it is the video game Braid[1].

I really want the Anniversary Edition.

[1]: http://braid-game.com

Hey there - I'm the author of the essay, happy to weigh in. First, your initial reaction makes sense, and we spent many years (and as noted in the piece, millions of dollars) creating a structure that stayed within the bounds of every reg. That's why we didn't have many competitors.

To address your points:

1. The ownership of funds is mapped pro-rata to every user's contribution. If three people contribute $10, $10 and $20 dollars, and then the pool gets spent down to $10 total, the technical per-dollar ownership is $2.50, $2.50, $5. It was critical to have a down-to-the-cent mapping of individual ownership of every dollar in our system at all times. While funds availability is dictated by Federal Law (Reg CC), funds ownership was something we were allowed to establish in our own Terms of Service. It's still live and available to read here (Section 4): https://braid.co/legal/tos if you'd like. Funds ownership was not related to spending permissions, which could be decided by the pool admin (for example, maybe you want all users to be able to spend all available funds, that's up to you).

2. Every individual who signed up for Braid went through our KYC/CIP process. We had a very robust (and expensive) waterfall to verify every indiviual, and screened the entire customer base every time the OFAC list was updated. I was never on board with concept of "treat the group as a single entity" for exactly this reason. For consumers, a group is not a business or an entity, it is a group of individuals and should be treated as such. There are always false negatives and these systems aren't perfect, but if you're on the OFAC list you wouldn't be able to simply sign up for Braid and slosh money around. That's illegal.

3. We built from-scratch internal anti-money-laundering software that was designed to catch exactly the kind of money laundering that could only happen in a pooled account structure, in addition to all the standard money laundering tactics (circular transfers, flow-through, structuring, transaction frequency, and more)

4. From my perspective, a product like this makes sense within the existing regulatory environment IFF the startup (us) was willing to do the hard work to figure it out. We absolutely were and had the time and money to get it right. But yes, it was very complex and at times infuriating.

5. As noted in the piece, the bank off-boarded every fintech they had -- debit cards for college kids, small business banking apps, neobanks for different consumer groups. I know this because we had a phone chain/support group by the end of it. It wasn't about our business model, it was about getting out of fintech sponsorship entirely.

6. We've gone through detailed compliance reviews with multiple banks, and worked with a handful of well-known legal experts (at least that's how they billed). Especially by the end, we had a good sense of the regulatory constraints and what the regulators care about these days. I've met with the OCC personally a couple times and gotten their perspective as well. FINRA regulates investment products, not deposit accounts.

In sum, while there is no such thing "move fast, break things" in fintech, the idea that we shouldn't fight for what consumers want and do the hard regulatory work to make it happen is too depressing for me. I have to believe new products are possible, and still do.

That strategy works fine till hard times come. Look up Beyond The Summit sometime. Sad story how it ended.

Raising money insulates against death by starvation of funds. Of course, the game becomes different; you need to keep growing. But those are the two alternatives, and of the two, sustained growth over 8 years seems like a better general strategy.

In addition, if I’m reading the article correctly, the reason why it would have been better to raise money when the projections looked amazing is that they didn’t pan out, and to expect them to be accurate was greedy?

I’ve been a founder, so I know that raising money is all about telling a story about the future, and the time to raise is when your graph supports that story, or before you have a graph. If a week later, everything is different, well, that’s start-ups for you. But I think it’s good to be able to take a step back from this and recognize how bizarre it is, and that a business doesn’t have to be structured this way.