.png)
On February 17, 2026, the Bank of Canada did something it had never done before under the newly enacted Retail Payment Activities Act. It issued an immediate compliance order against XTM Inc., ordering the company and its affiliated entities, including the AnyDay platform, to cease all payment activity, effective immediately.
There was no advance notice, no wind-down period, no grace period for users to move their funds. It all just stopped.
For the businesses and gig workers who depended on AnyDay for earned wage access and payroll, the impact was immediate and disruptive. Funds they expected to receive never arrived, and programs that had been running smoothly were frozen overnight.
While it's tempting to treat this as one company's problem, there's a broader lesson here and a question that every business running a payment program should be asking: do you know how your payment provider is actually holding your money?
The answer to that question, it turns out, determines a lot about what happens when things go sideways.
The Problem Wasn't the Product: What Actually Happened at XTM?
To understand why the Bank of Canada took such an unusual step, it helps to understand what XTM actually was.
XTM operated as a Money Services Business (MSB), a category of financial company regulated in Canada primarily by FINTRAC, focused on anti-money laundering and fraud prevention. Through its AnyDay platform, XTM offered earned wage access and prepaid card products targeting gig workers and hourly employees who needed faster access to their pay.
The business model made sense on paper. Workers don't want to wait two weeks for a paycheck, and employers want a simple way to offer that benefit. XTM sat in the middle and facilitated it.
The problem wasn't the product. It was the structure underneath it.
The Bank of Canada's compliance order cited serious concerns that XTM had failed to safeguard client funds, and that allowing the company to continue operating could be "prejudicial to the public's interest." In regulatory terms, that's a signal that waiting posed a real risk to real people.
What does "failure to safeguard funds" mean in practice? As an MSB, XTM was directly responsible for holding and protecting the money flowing through its platform. Unlike a bank, or a payments infrastructure provider working with a bank, there was no structural requirement to keep client funds segregated from the company's own operating capital, or held at a federally regulated institution. When something went wrong internally, there was no firewall protecting the funds that workers and businesses were counting on.
The Bank of Canada didn't issue a warning or open an investigation. It issued an immediate stop order, the kind of action regulators reserve for situations where waiting would cause real harm. That should give any company using a payment program provider pause, especially if you've never asked how your funds are actually being held.
The Real Difference: How Payment Providers Hold Money
Most businesses evaluating a payments partner focus on the obvious things: features, pricing, integration complexity, customer support. Many never think to ask what kind of regulated entity they're working with, and what that means for their funds.
As the XTM situation demonstrated, it's a question worth asking.
There are two fundamentally different models in the payments industry, and the distinction is worth understanding.
Money Services Businesses (MSBs)
MSBs are registered with FINTRAC, Canada's financial intelligence unit, primarily to meet anti-money laundering and fraud prevention requirements. MSB registration says something meaningful about a company's compliance posture around financial crime, but it doesn't say much about how client funds are protected.
That's because MSBs are permitted to hold and move funds themselves, with no structural requirement to keep those funds segregated from their own operating capital or held at a federally regulated bank. The company is the custodian. If that company runs into financial trouble, or as in XTM's case, fails to meet regulatory requirements around fund safeguarding, there's no institutional backstop protecting your money.
This isn't a theoretical risk. It's exactly what the Bank of Canada's compliance order was responding to.
Payment Services Providers (PSPs)
PSPs operate under a different framework entirely. In Canada, PSPs are regulated by the Bank of Canada under the Retail Payment Activities Act, the same legislation used to issue the XTM order.
The PSP model is built around a structural separation between the technology layer and fund custody. A PSP like Berkeley provides the platform, the infrastructure, the compliance framework, and the banking integrations, but the funds themselves are held at fully licensed, federally regulated financial institutions. The bank holds the money; the PSP moves it.
This distinction matters enormously when things go wrong. If Berkeley were to face any kind of operational or regulatory issue, client funds would still be sitting safely at our banking partners, protected by the full regulatory framework that governs federally licensed banks.
MSB vs. PSP: A Quick Comparison
MSB PSP
Regulated by FINTRAC Bank of Canada (RPAA)
Holds client funds? Yes, directly No, held at licensed bank partners
Fund segregation required? Not Structurally Yes, through banking partner
Your Funds Are Only as Safe as Your Provider
If your payment program runs on top of an MSB, you are, whether you realize it or not, taking on some of the financial risk of that MSB's own operations. Your workers' wages, your disbursements, and your client funds are only as safe as the company holding them.
With a PSP model, that risk is structurally removed. You're working with a technology partner that plugs into regulated banking infrastructure, not one that acts as the financial institution itself. That separation is the point.
Questions You Should Be Asking Your Payment Provider
Most payment providers aren't on the verge of a compliance order, so the XTM situation isn't a reason to panic. But it is a useful prompt to ask some basic questions about how your funds are actually protected.
If you're running a payment program, or evaluating providers, whether for payroll, disbursements, earned wage access, incentives, or anything else, here are five questions worth getting clear answers to:
- Are client funds held at federally regulated financial institutions? This is the foundational question, and the answer should be an unequivocal yes. The provider should also be able to tell you exactly which institution and under what arrangement.
- Are client funds segregated from the provider's operating capital? A provider that commingles client funds with their own operating accounts is one whose financial health is directly tied to the safety of your money, a risk you shouldn't have to take.
- What happens to my program if you face a regulatory action or insolvency? It's an uncomfortable question, but ask it anyway. A well-structured provider should have a clear answer, and that answer should not be that your funds are at risk too.
- Are you registered and compliant under the Retail Payment Activities Act? PSP registration under the RPAA is a meaningful signal. It means the Bank of Canada has oversight of how that provider manages operational risk and safeguards funds, not just whether they're checking AML boxes.
- What does your banking partnership structure look like? Who are the licensed institutions behind your platform? How are funds actually held and moved? A reputable provider should be able to walk you through this without hesitation.
None of these should be gotcha questions. Any serious payment provider should welcome them and have straightforward answers. If the responses are vague or evasive, that's a red flag worth paying attention to.
The XTM order is a reminder that in payments, the structural details, fund custody, regulatory framework, banking partnerships, are not fine print. They determine whether your program keeps running when something unexpected happens.
Structure First: How Berkeley Approaches Payments Infrastructure
Berkeley operates as a payments infrastructure platform, the technology and integration layer that sits between your company and the banking system. We're not a bank and we're not trying to be. What we are is a PSP built from the ground up to work with fully licensed banking partners, not around them.
In practice, that means:
- Client funds are held at regulated financial institutions. When money moves through Berkeley's platform, whether that's a payroll disbursement, a prepaid card load, or a mass payout, it's held at our banking partners, not on Berkeley's balance sheet. That separation is how our platform is built.
- Compliance is part of our infrastructure. Berkeley's platform includes built-in AML/KYC frameworks, immutable transaction ledgers, spend controls, and audit trails, the foundational features that enterprise clients, financial institutions, and government programs should require before putting their name on a payment program.
- We're registered under the Retail Payment Activities Act. The same regulatory framework the Bank of Canada used to issue the XTM order is the framework Berkeley operates under. That reflects how our platform is structured and what kind of oversight we're accountable to.
- Speed and safety aren't a tradeoff. One persistent myth in payments is that moving fast means accepting more risk. Berkeley's platform is designed to disprove that. We power real-time disbursements, instant card issuance, and mass payouts at scale, all running on banking infrastructure that meets the compliance requirements of the most risk-sensitive businesses and organizations.
The companies looking to move off platforms like AnyDay aren't just looking for a replacement. They're looking for a provider they can trust to still be running, and running cleanly, in two, five, and ten years. The features might look similar across providers. It's the underlying structure that makes the real difference.
Ready to Make the Move? Here's What to Expect
If your program has been disrupted by the XTM order, or if this situation has prompted a harder look at your current payment infrastructure, the natural next question is: how complicated is it to switch?
Migrating a payment program takes real planning. There are cardholder accounts to transition, banking integrations to set up, and compliance documentation to work through. Anyone who tells you it's a one or two day process is underselling the complexity.
What Berkeley offers is a structured onboarding process built on significant experience bringing payment programs across from other providers, or standing them up from scratch. A few things that make the transition more manageable than you might expect:
- A single integration point. Rather than stitching together multiple vendors for card issuance, money movement, compliance, and reporting, Berkeley consolidates all of that into one platform, reducing integration burden significantly compared to building or migrating to a multi-vendor stack.
- White-label flexibility. If your program is client-facing or worker-facing with your brand on it, that doesn't have to change. Berkeley's platform is built to sit behind your brand, not in front of it.
- Dedicated implementation support. We don't hand you API documentation and wish you luck. Implementation is a supported process with Berkeley's team involved from scoping through go-live.
The disruption caused by the XTM order is real, and we don't want to minimize it. But if it prompts your organization to move to infrastructure that's more structurally sound, that's a meaningful long-term win, even if the short-term transition is messy.
If you'd like to talk through your current setup and what a move to Berkeley could look like, get in touch with our team.
