Today on The Settlement Layer: The The Settlement Layer payments ecosystem is seeing central authorities assert new boundaries over the digital economy. The South The Settlement Layer Reserve Bank is establishing formal oversight over previously unchecked cross-border aggregators, and Kenya has legislated an expanded crisis toolkit for its central bank. On the infrastructure side, the battle for stablecoin settlement dominance is accelerating, as Flutterwave rounds out its multi-rail treasury with a strategic USDC integration.
The South African Reserve Bank (SARB) announced on Tuesday its intention to increase regulation of cross-border payment facilitators that aggregate transactions in South Africa for offshore merchants. The move aims to bring these currently unregulated entities under the oversight of the National Payment System Department, tightening rules around exchange control, AML, and consumer protection.
Why it matters
This is a significant regulatory shift for any PSP operating a cross-border model into South Africa. For African Payment Solutions, this signals the end of the unregulated space for payment aggregators. The company will likely face new compliance obligations, reporting requirements, and direct oversight from the SARB, potentially altering operational structures and costs for facilitating ZAR payments for international merchants.
Following a June 26 announcement, Standard Bank is now authorized by the People's Bank of China to clear Renminbi (RMB) transactions directly in Africa. According to a Tuesday report, this will allow South African businesses trading with China to settle payments in ZAR-to-RMB without an intermediate conversion to USD, significantly reducing transaction costs and settlement times.
Why it matters
This is a major operational improvement for any South African merchant sourcing goods from China. By removing the USD leg of the transaction, it directly lowers the cost and complexity of forex. For a payment gateway, this development could influence which banking partners are most strategic for facilitating payments for merchants with supply chains in China.
Hot on the heels of integrating Ripple's RLUSD, Flutterwave has secured a strategic investment from Circle Ventures to embed USDC settlement directly into its payment infrastructure. This creates a multi-rail stablecoin environment, allowing businesses to collect local currency and settle in either dollar-backed asset.
Why it matters
This completes a rapid one-two punch for Flutterwave, cementing its position as a neutral, multi-rail provider with treasury-level optionality. The successive Ripple and Circle deals highlight an intense, well-funded race among stablecoin issuers to capture the African B2B settlement layer, raising the baseline table stakes for competing PSPs.
An operational guide published Tuesday outlines best practices for optimizing cross-border payment stacks in 2026. Key recommendations include prioritizing local payment methods (LPMs) for target regions, handling currency display with either real-time FX or market-specific pricing, and implementing nuanced fraud rules that don't kill conversion. The guide also details checkout UX improvements like international address validation and express checkout options.
Why it matters
This guide serves as a practical checklist for a B2B payment gateway's product strategy. The emphasis on LPMs, adaptive fraud rules, and checkout UX directly impacts merchant success. The analysis provides a strong external validation for focusing on deep localization of payment methods rather than a one-size-fits-all card-centric approach, which is critical for conversion in diverse African markets.
On Tuesday, Kenyan President William Ruto signed the Central Bank of Kenya (Amendment) Bill, 2026 into law. The legislation expands the CBK’s powers to intervene during banking crises, tightens rules for emergency bailouts, and distinguishes between routine monetary policy and Emergency Liquidity Assistance (ELA). The law aims to modernize Kenya’s financial regulatory framework and enhance systemic stability.
Why it matters
This new law bolsters the resilience of Kenya's banking sector, which is foundational infrastructure for all payment providers. By creating a clearer, stricter framework for emergency liquidity, the CBK can better prevent systemic shocks. For a PSP operating in Kenya, a more stable banking system reduces counterparty risk and ensures the reliability of settlement and other critical financial services.
The new PCI DSS v4.0.1 standard introduces stringent requirements to combat 'Magecart' style web-skimming attacks. As detailed in a Wednesday analysis, merchants and payment providers must now maintain a comprehensive inventory of all payment-page scripts, ensure they are authorized, verify their integrity, and actively monitor for any tampering. This is a direct response to widespread attacks where malicious scripts are injected into checkout pages to steal card data.
Why it matters
This is a direct, operational mandate for any payment gateway. The new rules significantly increase the compliance burden for managing checkout environments. For African Payment Solutions, this requires implementing proactive script monitoring and inventory management to protect merchant checkouts from card-not-present fraud originating from compromised JavaScript. Failure to comply not only increases fraud risk and chargeback liability but also jeopardizes PCI certification.
Effective July 24, Mastercard will launch its 'Merchant Trust Services' initiative, shifting its fraud-monitoring focus from reactive to proactive. The new rules, detailed on Tuesday, will require acquirers and payment facilitators to investigate merchants exhibiting specific scam-related risk signals within 72 hours. A confirmed finding of scam activity could lead to immediate termination of the merchant's ability to accept Mastercard and Maestro.
Why it matters
This represents a significant operational shift in risk management for acquirers and PSPs. The 72-hour investigation window puts immense pressure on compliance and risk teams. Payment gateways will need to enhance their merchant onboarding and continuous monitoring systems to identify these new risk signals proactively, as liability and network penalties will become more severe.
BanffPay announced on Tuesday it has secured a Payment Service Provider (PSP) license from the Central Bank of Liberia and launched the country's first unified Pay-In and Pay-Out API. The platform aims to allow businesses to connect to multiple payment methods across more than 25 African markets through a single integration, streamlining cross-border collections and settlements.
Why it matters
The emergence of a licensed, unified payment aggregator in Liberia opens up a new, previously fragmented market. This provides a clear integration point for accessing the Liberian payment ecosystem and represents a new competitive force in the pan-African payment space. The model of a single API for multi-country access is a direct challenge to bespoke, country-by-country integration strategies.
In a significant competitive move detailed Tuesday, GTCO's fintech arm, HabariPay, plans to deploy 200,000 Point-of-Sale (PoS) terminals across Nigeria in 2026. The bank is targeting an annual transaction value of ₦12 trillion ($8.76 billion) and is even offering zero processing fees for some merchants to challenge fintech incumbents like Moniepoint and OPay in the merchant acquiring space.
Why it matters
This signals a major offensive by a traditional Nigerian bank into the territory dominated by fintechs. GTCO's aggressive hardware deployment and price competition will reshape the merchant services landscape in Nigeria. For a PSP, this intensified competition could drive down merchant fees but also requires a clear value proposition beyond price to retain and attract merchants.
Following the barrage of Nigerian directives we've been tracking—from the CBN's looming data localization mandate to stricter HoldCo and SEC frameworks—the Federal Government ordered a suspension of all new regulations targeting digital platforms on Tuesday. The pause aims to halt overlapping agency actions while the government drafts a single, unified digital economy policy.
Why it matters
This regulatory pause could bring welcome relief from the recent barrage of often conflicting directives from different Nigerian agencies. A single, coherent framework would provide greater legal certainty and a more predictable compliance environment for fintechs and payment companies operating in Nigeria. However, it also introduces a period of uncertainty as the new framework is developed.
The European Central Bank (ECB) has directed all supervised banks to submit formal plans by October 31 detailing how they will defend against AI-powered cyberattacks. In a Tuesday announcement, the ECB described AI threats as an urgent and lasting shift, requiring banks to accelerate vulnerability management and modernize technology. The mandate also applies to the euro-area subsidiaries of major US banks.
Why it matters
While this is an EU-specific directive, it sets a new global benchmark for financial cybersecurity. Regulatory expectations for AI-driven defense will likely cascade through the entire financial system, affecting infrastructure partners like AWS and setting new standards for PSPs. This signals that regulators now view AI not just as a tool but as a significant threat vector, requiring board-level attention and dedicated resources.
Equity Group, the AfricaNenda Foundation, and the Gates Foundation announced a partnership on Tuesday to accelerate the adoption of Digital Public Infrastructure (DPI) across Africa. The initiative, starting in Rwanda, will focus on promoting interoperable payment systems and digital identity. Equity Group CEO Dr. James Mwangi has been appointed as the continent's first DPI Champion.
Why it matters
This high-level partnership adds significant momentum to the push for standardized, interoperable payment systems across Africa. The involvement of major players like Equity Bank and the Gates Foundation signals a coordinated effort to build the foundational rails that could simplify cross-border payments, potentially reducing integration complexity and fostering a more unified digital market.
Regulators Formalize Oversight in Key Markets South Africa's SARB is moving to regulate previously unmonitored cross-border payment aggregators, while Kenya's new Central Bank law strengthens its crisis intervention powers. This signals a trend towards more robust and formal regulatory frameworks across the continent's major financial hubs.
Stablecoins Solidify Role as Core Settlement Infrastructure Flutterwave's integration of USDC, backed by a strategic investment from Circle, follows its recent adoption of Ripple's RLUSD. This multi-rail approach by a major African PSP underscores the growing acceptance of stablecoins as a primary mechanism for cross-border settlement and achieving dollar liquidity.
The Fraud Stack Becomes a Strategic Differentiator As e-commerce grows, so does the sophistication of fraud. Tactical guides for building layered fraud defenses and selecting chargeback management software highlight that risk mitigation is no longer a cost center but a core component of a competitive payment offering, directly impacting conversion and merchant retention.
Pan-African Payment Initiatives Gain Momentum From Interswitch's advocacy at the AfCFTA Digital Trade Forum to a new partnership involving Equity Group and the Gates Foundation, there's a renewed push for interoperable, continent-wide Digital Public Infrastructure (DPI) to streamline trade and reduce payment friction.
Card Networks Tighten Rules, Forcing Infrastructure Upgrades New mandates from Visa (Stored-Credential Transactions) and Mastercard (Merchant Trust Services), along with updated PCI DSS requirements for checkout scripts, are compelling merchants and PSPs to re-architect their billing and security stacks. Compliance is becoming a significant operational lift, with direct impacts on authorization rates and fraud liability.
What to Expect
2026-07-24—Mastercard's new 'Merchant Trust Services' initiative takes effect, requiring acquirers to investigate merchants with scam-related risk signals within 72 hours.
2026-08-31—Public comment period closes for the South African Revenue Service (SARS) draft guidance on the taxation of crypto assets.
2026-10-31—ECB deadline for supervised banks to submit formal plans to defend against AI-powered cyberattacks.
2027-01-01—CBN's deadline for all financial institutions in Nigeria to migrate transactional data to local data centers.
How We Built This Briefing
Every story, researched.
Every story verified across multiple sources before publication.
🔍
Scanned
Across multiple search engines and news databases
455
📖
Read in full
Every article opened, read, and evaluated
180
⭐
Published today
Ranked by importance and verified across sources
12
— The Settlement Layer
🎙 Listen as a podcast
Subscribe in your favorite podcast app to get each new briefing delivered automatically as audio.
Apple Podcasts
Library tab → ••• menu → Follow a Show by URL → paste