We’ve published a new evergreen R42 Compliance Listing for Yapily on the R42 Listings platform. It’s designed as a living, updateable reference for merchants, compliance teams, regulators, journalists, and investigators who need a fast, evidence-led snapshot of where a payment rail sits in the stack—and where its exposure can start to matter.
What’s in the new listing
The Yapily listing packages a structured compliance profile into a single, skimmable page: traffic-light risk signal, verified entity and licensing anchors, an evidence box, a merchant due-diligence checklist, an evergreen update log, and a Call for Information via Whistle42.
Go to the Yapily listing profile.
What we can verify (and why it matters)
Yapily operates through regulated “Connect” entities in the UK and Lithuania, positioned as an open-banking infrastructure provider enabling account information and payment initiation use cases (i.e., “Pay by Bank” rails).
Key regulatory anchors referenced in the listing include:
- Bank of Lithuania: Yapily Connect UAB — Payment Institution licence (authorisation code LB002045)
- UK FCA register signals: Yapily Connect Ltd appears under FCA register references (including dataset download and FCA register page) and is described in Yapily’s own legal/terms pages as FCA-regulated under FRN 827001.
Why R42 rated Yapily 🟠 Medium
This is not a “gotcha” rating. It’s a rail-geometry rating.
The listing’s Orange (caution) signal is primarily driven by two evidence-backed themes:
- Explicit iGaming/Gambling positioning. Yapily markets open-banking solutions to gaming/gambling operators, including “Pay by Bank” deposit flows and onboarding/verification use cases for operators.
- Embedded/third-party access risk. Yapily’s “Connect” proposition is marketed as enabling customers to use open banking without acquiring their own AISP/PISP permissions, which can increase exposure to partner/agent governance and downstream merchant quality—especially where intermediaries aggregate multiple merchants.
We also note that FinTelegram has reported allegations that Yapily rails may be routed via an intermediary layer into offshore casino deposit stacks. Those claims are unproven in the R42 listing and are treated as monitoring triggers—not findings—pending documentary evidence (contracts, consent logs, TPP IDs, payee/IBAN mapping, regulator correspondence).
Practical takeaway for merchants and compliance teams
If you’re onboarding any “Pay by Bank / open banking” rail into high-risk verticals, don’t stop at “they’re regulated.” Your due diligence must nail down:
- Which contracting entity (UK vs Lithuania) is responsible for the service;
- Whether your business model makes you a direct customer vs agent vs sub-merchant aggregator;
- What downstream merchant controls exist (KYB, UBO checks, geo/legality controls for gambling);
- How disputes, refunds, and fraud escalation are handled on A2A rails vs card schemes.
Where to read it
The full evergreen listing is now live on R42 Listings here.
Call for Information (Whistle42)
R42 is actively collecting contracts, onboarding emails, partner/agent agreements, settlement statements, consent/redirect logs, payee/IBAN mappings, and regulator correspondence involving Yapily-powered deposit flows—especially where intermediaries front the rail for gambling or offshore-facing merchants. If you have documentary evidence, submit it securely via Whistle42.com (screenshots are helpful, but primary artifacts are best).
