Payment Biz Pulls Plug on Open Source Charity After KYC Spat

The Free Software Foundation Europe’s fallout with Nexi underscores how regulatory pressure can upend long‑standing payment relationships. BaFin’s anti‑money‑laundering framework forces Italian‑based Nexi to verify merchant compliance through Know‑Your‑Customer checks, a process that many nonprofits find opaque. When Nexi asked for test login details—intended to confirm that donors could cancel subscriptions—FSFE interpreted the request as a demand for actual supporter passwords, prompting a refusal that triggered contract termination. This clash illustrates the delicate balance between fraud prevention and the privacy expectations of donor communities.

For charities reliant on recurring credit‑card contributions, the incident serves as a cautionary tale about data governance and contractual clarity. FSFE’s 15‑year partnership with Nexi dissolved without a clear deadline, leaving more than 450 donors unable to renew automatically. The organization now faces the logistical challenge of migrating supporters to a new processor, a task complicated by the inability to transfer existing payment credentials. Such disruptions can erode donor trust, especially in the open‑source ecosystem where transparency and privacy are core values.

The broader industry implication is a growing need for payment providers to offer compliant yet privacy‑respectful solutions. Nonprofits may increasingly demand granular KYC processes that isolate merchant verification from end‑user data, or they might shift toward platforms that specialize in charitable payments. As regulators tighten oversight, providers that can demonstrate secure, low‑friction compliance mechanisms will gain a competitive edge, while those that mishandle data requests risk losing high‑value nonprofit clients and facing reputational damage.