Cumbuca

Product Introduction

1. Cumbuca operates as a regulatory proxy layer enabling direct integration with Brazil's Central Bank (BACEN) ecosystem without requiring full licensing. It provides technical infrastructure bridging between client systems and regulated financial networks like Open Finance and Pix. Businesses maintain operational autonomy while leveraging Cumbuca's payment institution credentials for compliance. This approach eliminates traditional licensing barriers while preserving full control over data and infrastructure.

2. The core value lies in merging regulatory compliance with technical independence, allowing rapid market entry without sacrificing operational control. Clients bypass years of licensing procedures and millions in compliance costs while accessing real-time payment rails. This model delivers the development flexibility of licensed institutions combined with implementation speeds exceeding traditional BaaS solutions. Ultimately, it reduces regulatory risk exposure while enabling customization of every transaction layer.

Main Features

1. Direct API Integration: Cumbuca enables native connectivity to BACEN's Open Finance and Pix systems through official banking APIs. Clients initiate payments and data requests directly from their infrastructure using JSR security protocols (JWT/JWS + mTLS). This includes capabilities like automatic Pix processing, proximity payments, and recurring transactions without intermediary platforms. All transactions maintain end-to-end encryption within client-controlled environments.

2. Regulatory Data Access: Provides comprehensive financial data aggregation under user consent, including transactional histories, account balances, investment portfolios, and credit operations. Includes SCR integration for regulated credit history checks directly through Central Bank systems. Supports risk assessment, reconciliation processes, and product personalization using raw banking data streams. Data flows 1:1 from source institutions without intermediary alteration or storage.

3. Infrastructure Control: Clients fully own their technical stack, certificates, and data storage with zero vendor lock-in. Customize risk policies, PLD/CFT controls, and customer service operations independently. The proxy architecture allows seamless migration to proprietary licenses by simply replacing credentials. All systems operate within client infrastructure, enabling direct debugging and issue resolution without third-party dependencies.

Problems Solved

1. Eliminates the trade-off between licensing autonomy (2-3 years process, $2M+ costs) versus BaaS speed (limited control, data restrictions). Solves operational bottlenecks caused by intermediary platforms that restrict API customization and data ownership. Addresses critical stability issues where traditional providers average 14 hours monthly downtime by enabling direct BACEN connectivity.

2. Targets fintech startups, neobanks, and enterprises needing Pix/Open Finance access without licensing overhead. Specifically serves payment initiators (ITPs), credit providers, and financial data aggregators in Brazil. Ideal for companies scaling transactional operations while requiring regulatory compliance.

3. Enables a neobank to launch Pix payments in 60 days while retaining user data ownership. Allows loan providers to pull real-time SCR credit reports through their own interfaces. Facilitates smooth migration when companies obtain licenses - demonstrated by clients maintaining identical infrastructure while switching from Cumbuca's credentials to their own BACEN certificates.

Unique Advantages

1. Unlike OFaaS providers, Cumbuca never monetizes client data or restricts API customization, maintaining true zero-data-usage policy. Competitors require adaptation to their operational policies, while Cumbuca enables co-construction of risk/AML frameworks. Provides direct ticket issuance control versus competitors' SLA-bound dependency for basic functions.

2. Patent-pending proxy architecture enables credential enrichment without data interception. Unique "license migration guarantee" allows infrastructure preservation during regulatory graduation. Only solution offering both JSR security compliance and direct Pix processing without abstraction layers.

3. Delivers 99.5%+ uptime by avoiding BaaS infrastructure bottlenecks. Reduces time-to-market by 18x compared to licensing (60 days vs 3 years). Eliminates regulatory capital requirements and COSIF overhead while providing full audit trail ownership. Clients avoid rebuilding infrastructure when obtaining licenses, saving ~$500k in migration costs.

Frequently Asked Questions (FAQ)

1. How does data ownership work with Cumbuca? Clients receive raw, unmodified data directly from banking partners through their own infrastructure. Cumbuca never stores, processes, or monetizes transactional information. All data governance complies with BACEN's Open Finance regulations while maintaining end-client control. This contrasts with BaaS providers who typically aggregate and resell anonymized data.

2. What's the implementation timeline for Pix integration? Full production deployment typically requires 1-2 months post-contract signing. This includes certificate generation, mockbank testing, and BACEN sandbox validation. Clients use existing infrastructure with minimal adaptations, avoiding rebuilds required by traditional providers. The proxy layer integration adds negligible latency (under 50ms).

3. Can we migrate to our own license later? Yes, identical infrastructure works with future licenses by replacing Cumbuca's credentials with client certificates. Migration requires zero code changes or system modifications. Historical data remains fully accessible during transition. This process has been successfully executed by clients obtaining ITP licenses within 12 months of initial deployment.

4. How do you handle regulatory compliance? Cumbuca's IP/ITP license covers all transactions while clients control PLD/CFT policies. Jointly developed risk frameworks align with BACEN Resolution 80 requirements. Compliance audits occur through client systems rather than Cumbuca's platform, ensuring direct responsibility. Regular policy reviews accommodate regulatory updates without service interruptions.

5. What technical support is provided? Clients receive BACEN API documentation and direct sandbox access for development. Operational issues are resolved through client infrastructure access rather than ticketing systems. Support includes certificate management guidance and regulatory change notifications. Critical issues allow client-led debugging since systems operate within their environment.